Search International and National Patent Collections

1. (WO2018033375) MITIGATING SECURITY ATTACKS IN VIRTUALISED COMPUTING ENVIRONMENTS

Pub. No.:    WO/2018/033375    International Application No.:    PCT/EP2017/069272
Publication Date: Fri Feb 23 00:59:59 CET 2018 International Filing Date: Tue Aug 01 01:59:59 CEST 2017
IPC: G06F 21/57
Applicants: BRITISH TELECOMMUNICATIONS PUBLIC LIMITED COMPANY
Inventors: EL-MOUSSA, Fadi
HERWONO, Ian
Title: MITIGATING SECURITY ATTACKS IN VIRTUALISED COMPUTING ENVIRONMENTS
Abstract:
A computer implemented method to mitigate a security attack against a target virtual machine (VM) in a virtualised computing environment, the target VM having a target VM configuration including configuration parameters, and the security attack exhibiting a particular attack characteristic, the method comprising: training a machine learning algorithm as a classifier based on a plurality of training data items, each training data item corresponding to a training VM and including a representation of parameters for a configuration of the training VM and a representation of characteristics of security attacks for the training VM; generating a first data structure for storing one or more relationships between VM configuration parameters and attack characteristics, wherein the first data structure is generated by sampling the trained machine learning algorithm to identify the relationships; receiving a second data structure storing a directed graph representation of one or more sequences of VM configuration parameters for achieving the particular attack characteristic of the security attack, the VM parameters in the directed graph being determined based on the first data structure; identifying VM parameters of the target VM used in the security attack as a subset of sequences in the directed graph corresponding to VM parameters of the target VM; and supplementing the target VM configuration with a security facility associated with at least one of the identified VM parameters so as to protect the target VM from the attack.