A recovery-based Intrusion Tolerance System (ITS) removes malicious attacks periodically and guarantees uninterrupted services; thereby it could be an alternative security solution for service-oriented platforms like Cloud. However, the recovery-based ITS is limited to deal with attacks such as Denial of Service (DoS) before cleansing period, which affects the service quality. It also requires many resources for service (availability) and security (redundancy). In order to achieve the purpose of the ITS and Cloud simultaneously, three schemes in the recovery-based ITS are proposed in this paper. It is proved that these schemes are good for (i) maintaining uninterrupted service response time using VM provision, (ii) preventing waste of resources by VM deletion, and (iii) strengthening security level using the mitigating mechanism against two type of DoS (of DDoS). The performance of the proposed schemes is verified by CloudSim, which is a cloud computing simulator.