• Cloud infrastructure is revolutionizing many ecosystems by providing organizations with computing resources featuring easy deployment, connectivity, configuration, automation and on-demand reconfiguration of virtualized resources.
• The main focus is on security issues in cloud computing that are associated with big data.
• It proposes a novel big data based security analytics (BDSA) approach to detecting advanced attacks in virtualized infrastructures.
• Network logs as well as user application logs collected periodically from the guest virtual machines (VMs) are stored in the Hadoop Distributed File System (HDFS).
• Massive amounts of data and information are produced by and about people, things, and their interactions.
• Big Data analytics is an umbrella term that incorporates methods and technologies, hardware and software for collecting, managing and analyzing large-scale structured and unstructured data in real time.
• A virtualized infrastructure consists of virtual machines (VMs) that rely upon the software-defined multi-instance resources of the hosting hardware.
• The virtual machine monitor, also called the hypervisor, sustains, regulates and manages the software-defined multi-instance architecture.

Aim & Objective
• Quantitatively measurable objectives are defined for the business's big data environments.
• The processes and procedures are repeatable and ensure the successful implementation of big data initiatives.
• End-to-end integration exists with the rest of the data warehouse and information management environments.

Scope
• To protect virtualized infrastructure against attack.
• To improve efficiency of detection through effective techniques.

Existing system
• It is consistent with the previous case with two guest VMs.
• This is due to two of the guests running the more flexible access control module, which enables the remote command executions to be executed on the guest VMs and the results to be obtained quicker.
• However, the number of outlier detection times also increased from two in the previous case to four, reflecting the guest SSH server running in the third guest VM periodically resetting itself to protect against DDoS attacks.

Drawbacks
• Cannot detect advanced attacks in virtualized infrastructures.
• Security analytics removes the need for a signature database by using event correlation to detect previously undiscovered attacks; however, this is often not carried out in real time, and current implementations are intrinsically non-scalable.

Proposed System
• A novel big data based security analytics (BDSA) approach to protecting virtualized infrastructures in cloud computing against advanced attacks.
• Our BDSA approach constitutes a three-phase framework for detecting advanced attacks in real time.
• First, the guest VMs' network logs as well as user application logs are periodically collected from the guest VMs and stored in the HDFS.
• Then, attack features are extracted through correlation graph and MapReduce parser. Finally, two-step machine learning is utilized to ascertain attack presence.

Advantages
• The distributed processing of HDFS and the real-time ability of the MapReduce model in Spark address the velocity and volume challenges in security analytics.
• Extraction of attack features is performed through graph-based event correlation and MapReduce parser based identification of potential attack paths.
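
The feature-extraction phase described above, sketched as an added example that is not taken from the original slides or from the BDSA authors' code: network and application log records are joined on (VM, port) in a map/shuffle/reduce style to form correlation-graph edges, and connections to ports with no logged application are kept as potential attack paths. The log field layouts, the join key and the "no logged application" criterion are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample records; the field layout is an assumption, not the paper's format.
NETWORK_LOG = [
    "vm1 tcp 22 10.0.0.5 ESTABLISHED",
    "vm1 tcp 4444 203.0.113.9 ESTABLISHED",
    "vm2 tcp 80 10.0.0.7 ESTABLISHED",
    "vm2 tcp 80 10.0.0.8 ESTABLISHED",
]
APP_LOG = ["vm1 sshd 22", "vm2 httpd 80", "vm2 mysqld 3306"]

def map_network(line):
    """Map step for network logs: key each live connection by (vm, port)."""
    vm, _proto, port, remote, state = line.split()
    if state == "ESTABLISHED":
        yield (vm, int(port)), ("net", remote)

def map_app(line):
    """Map step for application logs: key each listener by (vm, port)."""
    vm, app, port = line.split()
    yield (vm, int(port)), ("app", app)

def shuffle(pairs):
    """Group mapped values by key, as the MapReduce shuffle would."""
    groups = defaultdict(list)
    for key, value in pairs:
        groups[key].append(value)
    return groups

def reduce_correlate(key, values):
    """Join both sources on (vm, port) and emit (remote, endpoint, app) edges."""
    vm, port = key
    apps = sorted(v for tag, v in values if tag == "app")
    remotes = sorted(v for tag, v in values if tag == "net")
    owner = apps[0] if apps else None
    return [(remote, f"{vm}:{port}", owner) for remote in remotes]

def correlate(network_log, app_log):
    """Build the correlation-graph edge list from both log sources."""
    pairs = [kv for line in network_log for kv in map_network(line)]
    pairs += [kv for line in app_log for kv in map_app(line)]
    edges = []
    for key, values in sorted(shuffle(pairs).items()):
        edges.extend(reduce_correlate(key, values))
    return edges

def potential_attack_paths(edges):
    """Edges whose endpoint has no logged application go on to the ML stage."""
    return [(remote, endpoint) for remote, endpoint, owner in edges if owner is None]

if __name__ == "__main__":
    print(potential_attack_paths(correlate(NETWORK_LOG, APP_LOG)))
```

In the framework the slides describe, the flagged paths would be inputs to the two-step machine learning stage rather than verdicts on their own.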