Home | Legals | KIT

Refereed conference/Workshop papers

[1] Aleksandar Milenkoski, Bryan D. Payne, Nuno Antunes, Marco Vieira, and Samuel Kounev. HInjector: Injecting Hypercall Attacks for Evaluating VMI-based Intrusion Detection Systems (poster paper). In The 2013 Annual Computer Security Applications Conference (ACSAC 2013), New Orleans, Louisiana, USA, 2013. Applied Computer Security Associates (ACSA), Maryland, USA. 2013. [ bib | .pdf ]
[2] Aleksandar Milenkoski and Samuel Kounev. Towards Benchmarking Intrusion Detection Systems for Virtualized Cloud Environments (extended abstract). In Proceedings of the 7th International Conference for Internet Technology and Secured Transactions (ICITST 2012), London, United Kingdom, December 2012, pages 562-563. IEEE, New York, USA. December 2012. [ bib | http | .pdf | Abstract ]
Many recent research works propose novel architectures of intrusion detection systems specifically designed to operate in virtualized environments. However, little attention has been given to the evaluation and benchmarking of such architectures with respect to their performance and dependability. In this paper, we present a research roadmap towards developing a framework for benchmarking intrusion detection systems for cloud environments in a scientifically rigorous and a representative manner.

Technical Reports

[1] Aleksandar Milenkoski, Samuel Kounev, Alberto Avritzer, Nuno Antunes, and Marco Vieira. On Benchmarking Intrusion Detection Systems in Virtualized Environments. Technical Report SPEC-RG-2013-002 v.1.0, SPEC Research Group - IDS Benchmarking Working Group, Standard Performance Evaluation Corporation (SPEC), 7001 Heritage Village Plaza Suite 225, Gainesville, VA 20155, June 2013. [ bib | .pdf | Abstract ]
Modern intrusion detection systems (IDSes) for virtualized environments are deployed in the virtualization layer with components inside the virtual machine monitor (VMM) and the trusted host virtual machine (VM). Such IDSes can monitor at the same time the network and host activities of all guest VMs running on top of a VMM being isolated from malicious users of these VMs. We refer to IDSes for virtualized environments as VMM-based IDSes. In this work, we analyze state-of-the-art intrusion detection techniques applied in virtualized environments and architectures of VMM-based IDSes. Further, we identify challenges that apply specifically to benchmarking VMM-based IDSes focussing on workloads and metrics. For example, we discuss the challenge of de ning representative baseline benign workload profiles as well as the challenge of de ning malicious workloads containing attacks targeted at the VMM. We also discuss the impact of on-demand resource provisioning features of virtualized environments (e.g., CPU and memory hotplugging, memory ballooning) on IDS benchmarking measures such as capacity and attack detection accuracy. Finally, we outline future research directions in the area of benchmarking VMM-based IDSes and of intrusion detection in virtualized environments in general.
[2] Aleksandar Milenkoski, Alexandru Iosup, Samuel Kounev, Kai Sachs, Piotr Rygielski, Jason Ding, Walfredo Cirne, and Florian Rosenberg. Cloud Usage Patterns: A Formalism for Description of Cloud Usage Scenarios. Technical Report SPEC-RG-2013-001 v.1.0.1, SPEC Research Group - Cloud Working Group, Standard Performance Evaluation Corporation (SPEC), 7001 Heritage Village Plaza Suite 225, Gainesville, VA 20155, April 2013. [ bib | .pdf | Abstract ]
Cloud computing is becoming an increasingly lucrative branch of the existing information and communication technologies (ICT). Enabling a debate about cloud usage scenarios can help with attracting new customers, sharing best-practices, and designing new cloud services. In contrast to previous approaches, which have attempted mainly to formalize the common service delivery models (i.e., Infrastructure-as-a-Service, Platform-as-a-Service, and Software-as-a-Service), in this work, we propose a formalism for describing common cloud usage scenarios referred to as cloud usage patterns. Our formalism takes a structuralist approach allowing decomposition of a cloud usage scenario into elements corresponding to the common cloud service delivery models. Furthermore, our formalism considers several cloud usage patterns that have recently emerged, such as hybrid services and value chains in which mediators are involved, also referred to as value chains with mediators. We propose a simple yet expressive textual and visual language for our formalism, and we show how it can be used in practice for describing a variety of real-world cloud usage scenarios. The scenarios for which we demonstrate our formalism include resource provisioning of global providers of infrastructure and/or platform resources, online social networking services, user-data processing services, online customer and ticketing services, online asset management and banking applications, CRM (Customer Relationship Management) applications, and online social gaming applications.

Refereed conference/Workshop papers (2009-2011)

[1] Aleksandar Milenkoski, Biljana Stojcevska, and Oliver Popov. System for Transport Protocol Evaluation with Automatic Calculation of Statistical Accuracy and Distributed Execution (poster paper). In Proceedings of the 4th International ICST Conference on Simulation Tools and Techniques (SIMUTools 2011), Barcelona, Spain, March 22-24, 2011, pages 84-86. ACM, New York, NY, USA. March 2011.
[2] Biljana Stojcevska, Oliver Popov, and Aleksandar Milenkoski. Iterative System for Simulation of E2E Transport Protocols in Heterogeneous Networks. In Proceedings of the 7th EUROSIM Congress on Modelling and Simulation (EUROSIM 2010), Prague, Czech Republic, September 5-10, 2010. Federation of European Simulation Societies. September 2010.
[3] Biljana Stojcevska, Oliver Popov, and Aleksandar Milenkoski. The Performance of a Packet Pairing TCP Modification in Networks with Lossy Links (poster paper). In ICT Innovations, Ohrid, Repubic of Macedonia, September 28-29, 2009. Springer-Verlag, Berlin, Heidelberg. September 2009.

Articles (2009-2011)

[1] Aleksandar Milenkoski. Assessment of the Diversity of the TCP Congestion Control Evaluation Techniques, an Academic Survey of Articles (1989 – 2009). Computer Networks and Internet Research, 10(1):39-47, December 2010, International Congress for Global Science and Technology (ICGST), Germany.
[2] Aleksandar Milenkoski and Biljana Stojcevska. Loss Differentiation Algorithms vs. Congestion Control Schemes: Dynamics and Performance. International Journal of Distributed and Parallel Systems, 1(1): 13-30, September 2010, Academy & Industry Research Collaboration Center, Australia.
[3] Aleksandar Milenkoski, Biljana Stojcevska, and Oliver Popov. Statistical Framework for ns-3: Terminating Simulation and Regression Analysis. World Journal of Modeling and Simulation, World Academic Press, England, UK. Accepted for publication.