
• Cloud infrastructure is revolutionizing many ecosystems by providing
organizations with computing resources featuring easy deployment, connectivity,
configuration, automation, and on-demand reconfiguration of virtualized resources.
• The main focus is on security issues in cloud computing that are associated
with big data.
• It proposes a novel big data based security analytics (BDSA) approach to
detecting advanced attacks in virtualized infrastructures.
• Network logs as well as user application logs collected periodically from the guest
virtual machines (VMs) are stored in the Hadoop Distributed File System
(HDFS).
• Massive amounts of data and information are produced by and about
people, things, and their interactions.
• Big Data analytics is an umbrella term that incorporates methods and
technologies, hardware and software for collecting, managing and
analyzing large-scale structured and unstructured data in real time.
• A virtualized infrastructure consists of virtual machines (VMs) that rely
upon the software-defined multi-instance resources of the hosting
hardware.
• The virtual machine monitor, also called hypervisor, sustains, regulates and
manages the software-defined multi-instance architecture.
Aim & Objective
• Quantitatively measurable objectives are defined for the
business’s big data environments.
• The processes and procedures are repeatable and ensure
the successful implementation of big data initiatives.
• End-to-end integration exists with the rest of the data
warehouse and information management environments.
Scope

• To protect virtualized infrastructure against attack.
• To improve efficiency of detection through effective techniques.
Existing system
• It is consistent with the previous case with two guest VMs.
• This is due to two of the guests running the more flexible access
control module, which enables the remote command executions to
be executed on the guest VMs and the results to be obtained
quicker.
• However, the number of outlier detection times also increased from
two in the previous case to four, reflecting that the guest SSH server
running in the third guest VM periodically resets itself to protect
against DDoS attacks.
Drawbacks
• Cannot detect advanced attacks in virtualized
infrastructures.
• Security analytics removes the need for a signature
database by using event correlation to detect
previously undiscovered attacks, but this is often not
carried out in real time, and current
implementations are intrinsically non-scalable.
Proposed System
• A novel big data based security analytics (BDSA) approach to protecting
virtualized infrastructures in cloud computing against advanced attacks.
• Our BDSA approach constitutes a three-phase framework for detecting
advanced attacks in real time.
• First, the guest VMs' network logs as well as user application logs are
periodically collected from the guest VMs and stored in the HDFS.
• Then, attack features are extracted through correlation graph and
MapReduce parser. Finally, two-step machine learning is utilized to
ascertain attack presence.
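
A simplified sketch of the second phase (correlating network logs with user application logs into a graph, then reading potential attack paths from it), added here as an example and not the BDSA authors' code. The log field layouts, the join key (VM, port), the time-ordering rule and all names are assumptions; the machine learning phase is not shown.

```python
from collections import defaultdict

# Constructed sample logs; the field layouts are assumptions, not from the page.
NETWORK_LOG = [  # (timestamp, guest VM, local port, remote address)
    (100, "vm1", 22, "203.0.113.9"),
    (105, "vm2", 22, "10.0.0.11"),      # 10.0.0.11 is vm1, so this is VM-to-VM
    (107, "vm2", 8080, "198.51.100.7"),
    (110, "vm1", 443, "198.51.100.4"),
]
# APP_LOG entries are (guest VM, application, listening port).
APP_LOG = [("vm1", "sshd", 22), ("vm1", "nginx", 443), ("vm2", "sshd", 22)]
VM_ADDR = {"10.0.0.11": "vm1", "10.0.0.12": "vm2"}

def map_phase(network_log, app_log):
    """Mapper: emit both log types under the shared key (vm, port)."""
    for ts, vm, port, remote in network_log:
        yield (vm, port), ("conn", (VM_ADDR.get(remote, remote), ts))
    for vm, app, port in app_log:
        yield (vm, port), ("app", app)

def reduce_phase(pairs):
    """Reducer: join per key into graph edges src -> vm with timestamps."""
    groups = defaultdict(lambda: {"conn": [], "app": []})
    for key, (kind, value) in pairs:
        groups[key][kind].append(value)
    edges, unmatched = defaultdict(lambda: defaultdict(list)), []
    for (vm, port), g in groups.items():
        for src, ts in g["conn"]:
            if g["app"]:
                edges[src][vm].append(ts)
            else:  # traffic to a port no logged application owns
                unmatched.append((src, vm, port))
    return edges, unmatched

def attack_paths(edges):
    """Time-ordered paths from an external address through >= 2 guest VMs."""
    found = []
    def walk(node, path, arrived):
        for nxt in sorted(edges.get(node, {})):
            later = [t for t in edges[node][nxt] if t > arrived]
            if later and nxt not in path:
                walk(nxt, path + [nxt], min(later))
        if len(path) >= 3:
            found.append(path)
    for src in sorted(edges):
        if src not in VM_ADDR.values():
            walk(src, [src], float("-inf"))
    return found

EDGES, UNMATCHED = reduce_phase(map_phase(NETWORK_LOG, APP_LOG))
```

On the sample data only the 203.0.113.9 connection yields a path, because the 198.51.100.4 connection reaches vm1 after the vm1-to-vm2 session already happened; the path list and `UNMATCHED` are the kind of features a later classification step would consume.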
Advantages
• The distributed processing of HDFS and the real-time
ability of the MapReduce model in Spark address the
velocity and volume challenges in security analytics.
• Extraction of attack features is performed through
graph-based event correlation and MapReduce parser
based identification of potential attack paths.
