S. Roschke, F. Cheng, and C. Meinel, Intrusion Detection in the Cloud, Dependable , Autonomic and Secure Computing DASC '09. Eighth IEEE International Conference on, pp.729-734, 2009.

T. Garfinkel and M. Rosenblum, A Virtual Machine Introspection Based Architecture for Intrusion Detection, Proceedings Network and Distributed Systems Security Symposium, pp.191-206, 2003.

A. S. Ibrahim, J. Hamlyn-harris, J. Grundy, and M. Almorsy, CloudSec: A security monitoring appliance for Virtual Machines in the IaaS cloud model, 2011 5th International Conference on Network and System Security, pp.113-120, 2011.
DOI : 10.1109/ICNSS.2011.6059967

D. Dib, N. Parlavantzas, and C. Morin, SLA-Based Profit Optimization in Cloud Bursting PaaS, 2014 14th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, pp.141-150, 2014.
DOI : 10.1109/CCGrid.2014.78
URL : https://hal.archives-ouvertes.fr/hal-00940299

T. Mather, S. Kumaraswamy, and S. Latif, Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance, 2009.

N. U. Shirazi, S. Simpson, A. K. Marnerides, M. Watson, A. Mauthe et al., Assessing the impact of intra-cloud live migration on anomaly detection, 2014 IEEE 3rd International Conference on Cloud Networking (CloudNet), 2014.
DOI : 10.1109/CloudNet.2014.6968968

J. O. Kephart and D. M. Chess, The vision of autonomic computing, Computer, vol.36, issue.1, pp.41-50, 2003.
DOI : 10.1109/MC.2003.1160055

M. C. Huebscher and J. A. Mccann, A survey of autonomic computing???degrees, models, and applications, ACM Computing Surveys, vol.40, issue.3, pp.1-728, 2008.
DOI : 10.1145/1380584.1380585

M. Armbrust, A. Fox, R. Griffith, A. D. Joseph, R. H. Katz et al., Above the Clouds: A Berkeley View of Cloud Computing, 2009.

P. M. Mell and T. Grance, SP 800-145. The NIST Definition of Cloud Computing, tech. rep, 2011.

S. Kächele, C. Spann, F. J. Hauck, and J. Domaschka, Beyond IaaS and PaaS: An Extended Cloud Taxonomy for Computation, Storage and Networking, 2013 IEEE/ACM 6th International Conference on Utility and Cloud Computing, pp.75-82, 2013.
DOI : 10.1109/UCC.2013.28

D. Miloji, I. M. Llorente, and R. S. Montero, OpenNebula: A Cloud Management Tool, IEEE Internet Computing, vol.15, issue.2, pp.11-14, 2011.
DOI : 10.1109/MIC.2011.44

O. Sefraoui, M. Aissaoui, and M. Eleuldj, OpenStack: Toward an Open-source Solution for Cloud Computing, International Journal of Computer Applications, vol.55, issue.3, pp.38-42, 2012.
DOI : 10.5120/8738-2991
URL : http://research.ijcaonline.org/volume55/number3/pxc3882991.pdf

A. Kivity, Y. Kamay, D. Laor, U. Lublin, and A. Liguori, KVM: the Linux Virtual Machine Monitor, Proceedings of the 2007 Ottawa Linux Symposium (OLS-07, 2007.

P. Barham, B. Dragovic, K. Fraser, S. Hand, T. Harris et al., Xen and the art of virtualization, ACM SIGOPS Operating Systems Review, vol.37, issue.5, pp.164-177, 2003.
DOI : 10.1145/1165389.945462

C. A. Waldspurger, Memory Resource Management in VMware ESX Server, Proceedings of the 5th Symposium on Operating Systems Design and implementation- Copyright Restrictions Prevent ACM from Being Able to Make the PDFs for This Conference Available for Downloading, OSDI '02, pp.181-194, 2002.
DOI : 10.1145/1060289.1060307
URL : http://www.stanford.edu/class/cs240/readings/cs240-annot-esx.pdf

R. Moreno-vozmediano, R. Montero, and I. Llorente, IaaS Cloud Architecture: From Virtualized Datacenters to Federated Cloud Infrastructures, Computer, vol.45, issue.12, pp.65-72, 2012.
DOI : 10.1109/MC.2012.76

G. J. Popek and R. P. Goldberg, Formal requirements for virtualizable third generation architectures, Communications of the ACM, vol.17, issue.7, pp.412-421, 1974.
DOI : 10.1145/361011.361073

K. Adams and O. Agesen, A Comparison of Software and Hardware Techniques for x86 Virtualization, Proceedings of the 12th International Conference on Architectural Support for Programming Languages and Operating Systems, pp.2-13, 2006.

R. Uhlig, G. Neiger, D. Rodgers, A. L. Santoni, F. C. Martins et al., Intel virtualization technology, Computer, vol.38, issue.5, pp.48-56, 2005.
DOI : 10.1109/MC.2005.163

D. Bernstein, Containers and Cloud: From LXC to Docker to Kubernetes, IEEE Cloud Computing, vol.1, issue.3, pp.81-84, 2014.
DOI : 10.1109/MCC.2014.51

M. Casado, M. J. Freedman, J. Pettit, J. Luo, N. Mckeown et al., Ethane, ACM SIGCOMM Computer Communication Review, vol.37, issue.4, pp.1-12, 2007.
DOI : 10.1145/1282427.1282382

N. Mckeown, T. Anderson, H. Balakrishnan, G. Parulkar, L. Peterson et al., OpenFlow, ACM SIGCOMM Computer Communication Review, vol.38, issue.2, pp.69-74, 2008.
DOI : 10.1145/1355734.1355746

A. Doria, J. H. Salim, R. Haas, W. Wang, L. Dong et al., Forwarding and Control Element Separation (ForCES) Protocol Specification, 2010.
DOI : 10.17487/rfc5810

H. Song, Protocol-oblivious forwarding, Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking, HotSDN '13, pp.127-132, 2013.
DOI : 10.1145/2491185.2491190

N. Gude, T. Koponen, J. Pettit, B. Pfaff, M. Casado et al., NOX, ACM SIGCOMM Computer Communication Review, vol.38, issue.3, pp.105-110, 2008.
DOI : 10.1145/1384609.1384625

R. Sherwood, G. Gibb, K. Kiong-yap, M. Casado, N. Mckeown et al., FlowVisor: A Network Virtualization Layer, 2009.

D. Drutskoy, E. Keller, and J. Rexford, Scalable Network Virtualization in Software-Defined Networks, IEEE Internet Computing, vol.17, issue.2, pp.20-27, 2013.
DOI : 10.1109/MIC.2012.144
URL : http://www.cs.princeton.edu/~jrex/papers/ieeeinternet12.pdf

C. S. Li, B. L. Brech, S. Crowder, D. M. Dias, H. Franke et al., Software defined environments: An introduction, IBM Journal of Research and Development, vol.58, issue.2/3, pp.1-1, 2014.
DOI : 10.1147/JRD.2014.2298134

L. T. Heberlein and M. Bishop, Attack Class: Address Spoofing, Proceedings of the 19th National Information Systems Security Conference, pp.371-377, 1996.

W. M. Eddy, TCP SYN flooding attacks and common mitigations, 2007.
DOI : 10.17487/rfc4987
URL : https://www.rfc-editor.org/rfc/pdfrfc/rfc4987.txt.pdf

N. Karapanos and S. Capkun, On the Effective Prevention of TLS Man-in-themiddle Attacks in Web Applications DNS flaw for cache poisoning attacks, Proceedings of the 23rd USENIX Conference on Security Symposium, pp.671-686, 2014.

D. Moore, V. Paxson, S. Savage, C. Shannon, S. Staniford et al., Inside the slammer worm, IEEE Security & Privacy Magazine, vol.1, issue.4, pp.33-39, 2003.
DOI : 10.1109/MSECP.2003.1219056

T. Ristenpart, E. Tromer, H. Shacham, and S. Savage, Hey, you, get off of my cloud, Proceedings of the 16th ACM conference on Computer and communications security, CCS '09, pp.199-212, 2009.
DOI : 10.1145/1653662.1653687

". N. Elhage, Virtunoid: Breaking out of KVM

J. Somorovsky, M. Heiderich, M. Jensen, J. Schwenk, N. Gruschka et al., All your clouds are belong to us, Proceedings of the 3rd ACM workshop on Cloud computing security workshop, CCSW '11, pp.3-14, 2011.
DOI : 10.1145/2046660.2046664

R. Bejtlich, The Tao of Network Security Monitoring: Beyond Intrusion Detection, 2004.

S. Kent and R. Atkinson, Security Architecture for the Internet Protocol, 1998.

E. Rescorla and N. Modadugu, Datagram Transport Layer Security Version 1.2, RFC, vol.6347, 2012.
DOI : 10.17487/rfc6347

M. Wahl, H. Alvestrand, J. Hodges, and R. Morgan, Authentication Methods for LDAP, 2000.
DOI : 10.17487/rfc2829
URL : http://ietfreport.isoc.org/cgi-bin/id2pdf?f1=draft-ietf-ldapext-authmeth-00.txt

J. Kohl and C. Neuman, The Kerberos Network Authentication Service (V5), 1993.
DOI : 10.17487/rfc1510
URL : https://www.rfc-editor.org/rfc/pdfrfc/rfc1510.txt.pdf

K. A. Scarfone and P. M. , SP 800-94. Guide to Intrusion Detection and Prevention Systems (IDPS), tech. rep, 2007.

S. Axelsson, Intrusion Detection Systems: A Survey and Taxonomy, " tech. rep, 2000.

C. Modi, D. Patel, B. Borisaniya, H. Patel, A. Patel et al., A survey of intrusion detection techniques in Cloud, Journal of Network and Computer Applications, vol.36, issue.1, pp.42-57, 2013.
DOI : 10.1016/j.jnca.2012.05.003

P. García-teodoro, J. Díaz-verdejo, G. Maciá-fernández, and E. Vázquez, Anomaly-based network intrusion detection: Techniques, systems and challenges, Computers & Security, vol.28, issue.1-2, pp.18-28, 2009.
DOI : 10.1016/j.cose.2008.08.003

V. Paxson, Bro: a system for detecting network intruders in real-time, Computer Networks, vol.31, issue.23-24, pp.2435-2463, 1999.
DOI : 10.1016/S1389-1286(99)00112-7

W. R. Cheswick, S. M. Bellovin, and A. D. Rubin, Firewalls and Internet Security: Repelling the Wily Hacker, 2003.

A. D. Keromytis and V. Prevelakis, Designing Firewalls: A Survey SP 800-41 Rev. 1. Guidelines on Firewalls and Firewall Policy, tech. rep, pp.33-49, 2006.
DOI : 10.1002/9780470099742.ch3

J. Wang, A. Stavrou, and A. Ghosh, HyperCheck: A Hardware-Assisted Integrity Monitor, Proceedings of the 13th International Conference on Recent Advances in Intrusion Detection, pp.158-177, 2010.
DOI : 10.1007/978-3-642-15512-3_9

A. M. Azab, P. Ning, Z. Wang, X. Jiang, X. Zhang et al., HyperSentry, Proceedings of the 17th ACM conference on Computer and communications security, CCS '10, pp.38-49, 2010.
DOI : 10.1145/1866307.1866313

Z. Wang and X. Jiang, HyperSafe: A Lightweight Approach to Provide Lifetime Hypervisor Control-Flow Integrity, 2010 IEEE Symposium on Security and Privacy, pp.380-395, 2010.
DOI : 10.1109/SP.2010.30
URL : http://www.csc.ncsu.edu/faculty/jiang/pubs/OAKLAND10.pdf

N. L. Petroni, J. , T. Fraser, J. Molina, and W. A. Arbaugh, Copilot -a Coprocessor-based Kernel Runtime Integrity Monitor, Proceedings of the 13th Conference on USENIX Security Symposium, pp.13-13, 2004.

Z. Wang, X. Jiang, W. Cui, and P. Ning, Countering kernel rootkits with lightweight hook protection, Proceedings of the 16th ACM conference on Computer and communications security, CCS '09, pp.545-554, 2009.
DOI : 10.1145/1653662.1653728
URL : http://discovery.csc.ncsu.edu/~pning/pubs/ccs09-HookSafe.pdf

A. Baliga, V. Ganapathy, and L. Iftode, Automatic Inference and Enforcement of Kernel Data Structure Invariants, 2008 Annual Computer Security Applications Conference (ACSAC), pp.77-86, 2008.
DOI : 10.1109/ACSAC.2008.29

B. Dolan-gavitt, T. Leek, M. Zhivich, J. Giffin, and W. Lee, Virtuoso: Narrowing the Semantic Gap in Virtual Machine Introspection, 2011 IEEE Symposium on Security and Privacy, pp.297-312, 2011.
DOI : 10.1109/SP.2011.11

S. Bahram, X. Jiang, Z. Wang, M. Grace, J. Li et al., DKSM: Subverting Virtual Machine Introspection for Fun and Profit, 2010 29th IEEE Symposium on Reliable Distributed Systems, pp.82-91, 2010.
DOI : 10.1109/SRDS.2010.39
URL : http://www.csc.ncsu.edu/faculty/jiang/pubs/SRDS10.pdf

B. D. Payne, D. D. Martim, and W. Lee, Secure and Flexible Monitoring of Virtual Machines, Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007), pp.385-397, 2007.
DOI : 10.1109/ACSAC.2007.10

. Libvmi, https://github.com/libvmi/libvmi/releases. Accessed, p.2016

C. Mazzariello, R. Bifulco, and R. Canonico, Integrating a network IDS into an open source Cloud Computing environment, 2010 Sixth International Conference on Information Assurance and Security, pp.265-270, 2010.
DOI : 10.1109/ISIAS.2010.5604069

M. Ficco, L. Tasquier, and R. Aversa, Intrusion Detection in Cloud Computing, 2013 Eighth International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, pp.276-283, 2013.
DOI : 10.1109/3PGCIC.2013.47

K. Kourai and S. Chiba, HyperSpector, Proceedings of the 1st ACM/USENIX international conference on Virtual execution environments , VEE '05, pp.197-207, 2005.
DOI : 10.1145/1064979.1065006

B. D. Payne, M. Carbone, M. Sharif, and W. Lee, Lares: An Architecture for Secure Active Monitoring Using Virtualization, 2008 IEEE Symposium on Security and Privacy (sp 2008), pp.233-247, 2008.
DOI : 10.1109/SP.2008.24

F. Lombardi and R. D. Pietro, KvmSec, Proceedings of the 2009 ACM symposium on Applied Computing, SAC '09, pp.2029-2034, 2009.
DOI : 10.1145/1529282.1529733

A. Srivastava and J. Giffin, Tamper-Resistant, Application-Aware Blocking of Malicious Network Connections, pp.39-58, 2008.
DOI : 10.1007/978-3-540-87403-4_3

K. Kourai, T. Azumi, and S. Chiba, A Self-Protection Mechanism against Stepping-Stone Attacks for IaaS Clouds, 2012 9th International Conference on Ubiquitous Intelligence and Computing and 9th International Conference on Autonomic and Trusted Computing, pp.539-546, 2012.
DOI : 10.1109/UIC-ATC.2012.139
URL : http://www.csg.ci.i.u-tokyo.ac.jp/paper/kourai-atc12.pdf

A. Wailly, M. Lacoste, and H. Debar, VESPA, Proceedings of the 9th international conference on Autonomic computing, ICAC '12, pp.155-160, 2012.
DOI : 10.1145/2371536.2371564
URL : https://hal.archives-ouvertes.fr/hal-00738174

. Spoofguard, vmware.com/ NSX-6/index.jsp?topic=%2Fcom.vmware.nsx.admin.doc% 2FGUID-F11F7B52-70EB-4532-9E0E-2FCB64707A1D.html. Accessed: 2017. [133] " VMware inc. TrustPoint, p.2017

D. Serrano, S. Bouchenak, Y. Kouki, F. A. De-oliveira-jr, T. Ledoux et al., SLA guarantees for cloud services, Future Generation Computer Systems, vol.54, pp.233-246, 2016.
DOI : 10.1016/j.future.2015.03.018
URL : https://hal.archives-ouvertes.fr/hal-01162654

A. Giannakou, L. Rillling, J. Pazat, F. Majorczyk, and C. Morin, Towards Self Adaptable Security Monitoring in IaaS Clouds, 2015 15th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, pp.737-740, 2015.
DOI : 10.1109/CCGrid.2015.133
URL : https://hal.archives-ouvertes.fr/hal-01165134

D. J. Barrett, R. E. Silverman, and . Ssh, The Secure Shell: The Definitive Guide, 2001.

A. Giannakou, L. Rilling, J. L. Pazat, and C. Morin, Al-safe: A secure selfadaptable application-level firewall for iaas clouds, 2016 IEEE International Conference on Cloud Computing Technology and Science (CloudCom), pp.383-390, 2016.
URL : https://hal.archives-ouvertes.fr/hal-01363540