OpenNebula Virtual Machine Profiling for Intrusion Detection System
Intrusion Detection System can be build for private cloud using OpenNebula. OpenNebula is a cloud computing platform for managing heterogenous distributed data center infrastructure. The database is generated using a private cloud setup using KVM and OpenNebula. OpenNebula provides API to monitor Virtual Machines (VMs) running on the infrastructure. Total 6 VMs were deployed on the infrastructure. The monitoring data was collected over 63 Hours. Attacks were simulated on few of the VMs for variable time duration. These data is tagged as Normal and Attack data based on the known attack scenario. The dataset can be used to profile VM behaviour based on OpenNebula monitoring features. A machine learning model can be trained for the same.
The values of the parameters are cumulative in nature. To get the value pertaining to the exact epoch time of LAST_POLL, one needs to get the difference of the consecutive values. VMID, LAST_POLL, MAC & IP are the metadata related to the Virtual Machines.