The cloud computing is one of the most popular issues in recent years. Many service providers have provided the cloud solution using virtualization such as Amazon EC2. We are facing the new threats in the virtual environment. Since the virtual network is different to the traditional environment, we have to face with new threats that do not exist in the traditional network environment. In this paper, we provide a solution Virtual Network Guard System (VNGS) to solve the problems in virtual network that we face in the virtual environment. We modify the network interface controller in the virtual environment to limit the guest operation system access rights. We also provide a centralize management server to deploy filtering processes and collect the alert information. Finally, we evaluate the performance of our system with normal network interface controllers, and the results shows that the performance is acceptable.
[1]
Jennifer Rexford,et al.
NoHype: virtualized cloud infrastructure without the virtualization
,
2010,
ISCA.
[2]
Martín Casado,et al.
Extending Networking into the Virtualization Layer
,
2009,
HotNets.
[3]
Tal Garfinkel,et al.
Terra: a virtual machine-based platform for trusted computing
,
2003,
SOSP '03.
[4]
Tal Garfinkel,et al.
A Virtual Machine Introspection Based Architecture for Intrusion Detection
,
2003,
NDSS.
[5]
Jennifer Rexford,et al.
Eliminating the hypervisor attack surface for a more secure cloud
,
2011,
CCS '11.