Network Based Malware Detection in Virtualised Environment

Pushpinder Kaur Chouhan, Matthew Hagan, Gavin McWilliams, Sakir Sezer

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Citations (Scopus)


While virtualisation can provide many benefits to a networks infrastructure, securing the virtualised environment is a big challenge. The security of a fully virtualised solution is dependent on the security of each of its underlying components, such as the hypervisor, guest operating systems and storage.

This paper presents a single security service running on the hypervisor that could potentially work to provide security service to all virtual machines running on the system. This paper presents a hypervisor hosted framework which performs specialised security tasks for all underlying virtual machines to protect against any malicious attacks by passively analysing the network traffic of VMs. This framework has been implemented using Xen Server and has been evaluated by detecting a Zeus Server setup and infected clients, distributed over a number of virtual machines. This framework is capable of detecting and identifying all infected VMs with no false positive or false negative detection.
Original languageEnglish
Title of host publicationEuro-Par 2014: Parallel Processing Workshops: Euro-Par 2014 International Workshops, Porto, Portugal, August 25-26, 2014 Revised Selected Papers Part I
Number of pages12
ISBN (Electronic)9783319143255
ISBN (Print)9783319143248
Publication statusPublished - 26 Aug 2014
EventLSDVE 2014 - Porto, Portugal
Duration: 26 Aug 2014 → …

Publication series

NameLecture Notes in Computer Science
ISSN (Print)0302-9743


WorkshopLSDVE 2014
Period26/08/2014 → …


Dive into the research topics of 'Network Based Malware Detection in Virtualised Environment'. Together they form a unique fingerprint.

Cite this