论文信息 - An In-VM Measuring Framework for Increasing Virtual Machine Security in Clouds

An In-VM Measuring Framework for Increasing Virtual Machine Security in Clouds

Cloud computing relies heavily on virtualization. Virtualization technology has developed rapidly because of the rapid decrease in hardware cost and concurrent increase in hardware computing power. A virtual machine monitor (VMM, also called a hγpervisor) between the hardware and the OS enables multiple virtual machines (VMs) to run on top of a single physical machine. The VMM manages scheduling and dispatching the physical resources to the individual VMs as needed, and the VMs appear to users as separate computers. Widely used virtualization technologies include VMWare, Xen, Denali, and the Kernel-Based Virtual Machine (KVM). In this framework, a module measures executables running in virtual machines (VMs) and transfers the values to a trusted VM. Comparing those values to a reference table containing the trusted measurement values of running executables verifies the executable/s status.

Minglu Li | Qian Liu | Yuan Luo | Chuliang Weng

[1] Marianne Shaw,et al. Denali: Lightweight Virtual Machines for Distributed and Networked Applications , 2001 .

[2] Trent Jaeger,et al. Design and Implementation of a TCG-based Integrity Measurement Architecture , 2004, USENIX Security Symposium.

[3] Xuxian Jiang,et al. Countering kernel rootkits with lightweight hook protection , 2009, CCS.

[4] Tal Garfinkel,et al. A Virtual Machine Introspection Based Architecture for Intrusion Detection , 2003, NDSS.

[5] Anoop Gupta,et al. SPLASH: Stanford parallel applications for shared-memory , 1992, CARN.

[6] Beng-Hong Lim,et al. Virtualizing I/O Devices on VMware Workstation's Hosted Virtual Machine Monitor , 2001, USENIX Annual Technical Conference, General Track.

[7] Wenke Lee,et al. Lares: An Architecture for Secure Active Monitoring Using Virtualization , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[8] Adrian Perrig,et al. SecVisor: a tiny hypervisor to provide lifetime kernel code integrity for commodity OSes , 2007, SOSP.

[9] Wenke Lee,et al. Secure in-VM monitoring using hardware virtualization , 2009, CCS.

[10] Henry L. Owen,et al. Detecting and categorizing kernel-level rootkits to aid future detection , 2006, IEEE Security & Privacy Magazine.