To satisfy security concerns including infrastructure as a service (IaaS) security framework, security service access, network anomaly detection, and virtual machine (VM) monitoring, a layered security framework is built which composes of a physical layer, a virtualization layer, and a security management layer. Then, two security service access methods are realized for various security tools from the perspective of whether security tools generate communication traffic. One without generating traffic employs the VM traffic redirection technology and the other leveraged the mechanism of multitasking process access. Moreover, a stacked LSTM-based network anomaly detection agentless method is proposed, which has advantages of a higher ratio of precision and recall. Finally, a Hypervisor-based agentless monitoring method for VMs based on dynamic code injection is proposed, which has benefits of high security of the external monitoring method and good context analysis of the internal monitoring mechanism. The experimental results demonstrate the effectiveness of the proposed protection framework and the corresponding security mechanisms, respectively.

中文翻译：

---

IaaS平台中针对VM的安全即服务研究的扩展

为了满足包括基础结构即服务（IaaS）安全框架，安全服务访问，网络异常检测和虚拟机（VM）监视在内的安全问题，构建了一个分层的安全框架，该框架由物理层，虚拟化层和虚拟层组成。安全管理层。然后，从安全工具是否产生通信流量的角度出发，针对各种安全工具实现了两种安全服务访问方法。一个不产生流量的应用程序使用VM流量重定向技术，另一个使用多任务进程访问机制。此外，提出了一种基于LSTM的堆叠式网络异常检测无代理方法，该方法具有较高的查全率和查全率。最后，提出了一种基于Hypervisor的基于动态代码注入的虚拟机无代理监控方法，该方法具有外部监控方法安全性高，内部监控机制上下文分析良好的优点。实验结果分别证明了所提出的保护框架和相应的安全机制的有效性。