International Journal of Research

Cloud computing has Virtualized infrastructure become a target for cyber attackers to launch advanced attacks. This Project proposes a big data based security analytics approach to detecting advanced attacks in virtualized infrastructures. Network logs and user application logs collected periodically from the guest virtual machines (VMs) are stored in the Hadoop Distributed File System (HDFS). Then, extraction of attack features is performed through graph-based event correlation and Map Reduce parser based identification of potential attack paths. Next, determination of attack presence is performed through two-step machine learning, namley logistic regression is applied to calculate attack’s conditional probabilities with respect to the attributes, and belief propagation is applied to calculate the belief in existence of an attack based on them.