VMGuard: An integrity monitoring system for management virtual machines

Proceedings of the International Conference on Parallel and Distributed Systems - ICPADS

Volumn , Issue , 2010, Pages 67-74

  Fang, Haifeng ^a,b   Zhao, Yiqiang ^b   Zang, Hongyong ^a,b   Huang, H Howie ^c   Song, Ying ^b   Sun, Yuzhong ^b   Liu, Zhiyong ^b  

^a UNIVERSITY OF CHINESE ACADEMY OF SCIENCES   (China)

^b INSTITUTE OF GEOLOGY AND GEOPHYSICS   (China)

^c GEORGE WASHINGTON UNIVERSITY   (United States)

Author keywords

Integrity monitoring; Remote I O; Virtual machine

Indexed keywords

CLOUD PROVIDERS; COMPUTING SYSTEM; DETECTING SYSTEMS; DISTRIBUTED ENVIRONMENTS; EXPERIMENTAL EVALUATION; INDEPENDENT ANALYSIS; INTEGRITY MEASUREMENT; INTEGRITY MONITORING; PHYSICAL NODES; REMOTE I/O; VIRTUAL MACHINES;

CLOUD COMPUTING; COMPUTER SIMULATION; COMPUTER SYSTEMS; CUSTOMER SATISFACTION; FIBER OPTIC SENSORS; MANAGEMENT; NETWORK SECURITY; SALES;

MONITORING;

EID: 79951756005     PISSN: 15219097     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ICPADS.2010.44     Document Type: Conference Paper

References (25)

1. Barham, P., Dragovic, B., Fraser, K. et al.: Xen and the Art of Virtualization. In: Proc. of the 19th ACM Symp. on Operating Systems Principles 2003. pp.164-177. (Pubitemid 40929695)
2. Huizenga, G.: Cloud Computing: Coming out of the fog. In: Proc. of the Linux Symposium 2008, Valume 1, pp. 197 - 210.
3. http://aws.amazon.com/ec2/.
4. Berger, S., Cceres, R., et al.: vTPM: Virtualizing the Trusted Platform Module. In: Proc. of the 15th conference on USENIX Security Symposium, 2006.
5. Payne, B.D., Carbone, M., Sharif, M. and Lee, W.: Lares: An Architecture for Secure Active Monitoring Using Virtualization. In Proc. of the IEEE Symposium on Security and Privacy 2008, pp. 233-247.
6. Garfinkel, T., Rosenblum, M.: A Virtual Machine Introspection Based Architecture for Intrusion Detection. In: Proc.of the Network and Distributed Systems Security Symposium 2003, pp.191-206.
7. Garfinkel, T., Pfaff, B., et al.: Terra: A Virtual Machine-Based Platform for Trusted Computing. In: Proc. of the 19th ACM Symp. on Operating Systems Principles 2003, pp. 193 - 206. (Pubitemid 40929697)
8. Sailer, R., Valdez, E., Jaeger, T., et al.: sHype: Secure Hypervisor Approach to Trusted Virtualized Systems. Techn. Rep. RC23511, Feb. 2005. IBM Research Division.
9. Berger, S., Cceres, R., et al.: TVDc: managing security in the trusted virtual datacenter. In: ACM SIGOPS Operating Systems Review, Volume 42, Issue 1 (2008), pp. 40-47.
10. Hay, B., Nance, K.: Forensics Examination of Volatile System Data Using Virtual Introspection. In: OPERATING SYSTEMS REVIEW 2008, Vol 42 Number 3, pp.75-83.
11. Payne, B., Carbone, M., Lee, W.: Secure and Flexible Monitoring of Virtual Machines. In: Computer Security Applications Conference 2007, pp. 385-397.
12. Jones, S.T., Arpaci-Dusseau, A.C., Arpaci-Dusseau, R.H.: Antfarm: Tracking Processes in a Virtual Machine Environment. In: Proc. of USENIX Annual Technical Conference 2006.
13. Jiang, X., Wang, X., Xu, D.: Stealthy malware detection through vmm-based out-of-the-box semantic view reconstruction. In: Proc. of the 14th ACM conference on Computer and Communications Security 2007, pp.128 - 138.
14. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4993.
15. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3253.
16. Dan Goodin. Webhost hack wipes out data for 100, 000 sites, http://www.theregister.co.uk/2009/06/08/webhostattack.
17. Sailer, R., Zhang, X., Jaeger, T., van Doorn, L.: Design and Implementation of a TCG-based Integrity Measurement Architecture. In: Proc. of the 13th conference on USENIX Security Symposium, 2004.
18. http://www.sans.org/readingroom/whitepapers/honors/linuxkernel-rootkits- protecting-systems1500.
19. Petroni, N.L., Fraser, Jr. T., Molina, J., et al.: Copilot: a Coprocessor-based Kernel Runtime Integrity Monitor. In: Proc. of the 13th conference on USENIX Security Symposium, 2004.
20. Wojtczuk, R.: Subverting the Xen Hypervisor. Black Hat USA. 2008.
21. Anthony Lineberry.: Malicious Code Injection via/dev/mem. Black Hat Europe 2009.
22. Chandra, R., Zeldovich, N., Sapuntzakis, C., S. Lam, M.: The collective: a cache-based system management architecture. In: Proc. of the 2nd conference on Symposium on Networked Systems Design and Implementation 2005, Vol.2, pp. 259-272.
23. Kumar, S., Schwan, K.: Netchannel: a VMM-level mechanism for continuous, transparent device access during VM migration. In: Pro. of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments 2008.
24. Meyer, D.T., Aggarwal, G., et al.: Parallax: virtual disks for virtual machines. In: Proc. of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008, pp. 41-54.
25. Sharif, M., Lee, W., Cui, W., et al.: Secure In-VM Monitoring Using Hardware Virtualization. In: Proc. of the 16th ACM conference on Computer and Communications Security 2009, pp.477-487.