Secure Virtualization Environment Based on Advanced Memory Introspection

Zhang, Shuhui; Meng, Xing; Wang, Lianhai; Xu, Lijuan; Han, Xiaohui

doi:10.1155/2018/9410278

Cited by 8 publications

(6 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Multiple instances of different operating systems can share virtualized hardware resources. A hypervisor installation is installed on the server hardware to run guest operating systems [3].…”

Section: Background Virtualization Componentsmentioning

confidence: 99%

“…In this architecture, privileged partitions display and control virtual machines. This approach creates a highly controllable environment and can use additional security tools such as intrusion detection systems [2]. However, it is vulnerable because the hypervisor has one point of failure.…”

Section: Figure 3 Hypervisor Based Virtualizationmentioning

confidence: 99%

“…This makes virtualized infrastructure an attractive target for cyber-attackers to launch attacks against illegal access. Use of advanced vulnerabilities, such as software vulnerabilities in the hypervisor source code, VENOM (Virtualized Neglected Operations Manipulation) [2], allows attackers to exit the guest virtual machine and access the hyperspect in the -jacent section. Similarly, attacks such as Heart Bleed and Shellshock, which exploit operating system vulnerabilities, can be used to gain access to guest virtual machine credentials against virtualized infrastructure and the escalation of privileges through distributed denial of service.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Identification of Unsaturated Attacks in Virtualized Infrastructures With Big Data Analytics in Cloud Computing

Vinod Kumar,

Vardhan,

Subba Rao

et al. 2023

JNAO

View full text Add to dashboard Cite

Security systems to protect virtualized cloud architecture typically include two types of malware detection and security analysis. Detecting malware typically involves two steps, monitoring the hotspots at various points in the virtualized infrastructure, and then using a regularly updated attack signature database to detect the presence of malware. 'Attack. It allows real-time detection of attacks, the use of special signature databases that are vulnerable to zero- day attacks that do not have attack signatures, and therefore traditional infrastructure. cannot detect complex attacks on virtualized infrastructure. Similarly, security analysis eliminates the need for signature databases using event correlation to detect previously undetected attacks, which are often unmanaged, and the current implementation is scalable in nature. In this article, we recommend BDSA's approach to establish a three-tier system for the continuous detection of future attacks. Initially, network logs from the visiting virtual machine and client application logsare sometimes collected from the visiting virtual machines and stored in HDFS. At this point, the strengths of the attack are removed with a connection scheme and a Map Reduce analyzer. Our BDSA approach uses HDFS distribution management and Spark's map-reduction display capability to address security and speed and volume issues.

show abstract

Section: Background Virtualization Componentsmentioning

confidence: 99%

Section: Figure 3 Hypervisor Based Virtualizationmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Identification of Unsaturated Attacks in Virtualized Infrastructures With Big Data Analytics in Cloud Computing

Vinod Kumar,

Vardhan,

Subba Rao

et al. 2023

JNAO

View full text Add to dashboard Cite

show abstract

“…Moreover, through interpreting the memory quintessence of the VMs and host machine, VM escape could be detected by observing the abnormal attitude pattern of the host machine. So far, a relevant written work to solve the problem of VM escape detection has not been found yet [14].…”

Section: Counter Measuresmentioning

confidence: 99%

Virtual Machine Escape in Cloud Computing Services

Abusaimeh¹

2020

IJACSA

View full text Add to dashboard Cite

It's of axioms; every progress that is devised in the field of facilitating daily life through technology is matched by many complications in terms of the methods that led to the creation of these inventions and how to maintain their sustainability, consistency, and development. In digital world that became not only as axiom of its nature, but it is now one of the main inherent features that define digital technology. Whereas Major international companies are in a big race to produce the new development and invention of their products to be supplied to markets, and all of that should be conquered within not more than a year. The immersion in that big race has to be armed with patience and deep breath. Keywords-Cloud computing; virtual machine escape; cloud security; impact of VM escape; VM escape counter measures; VM escape nature I. INTRODUCTION With virtualization world, that accelerating, competitive, and pervasive environment, you would be plagued and dominated by many restrictions and vectors in terms of acquisition of business solutions. Hence, it's effortless to build a compute of the given resources in virtualization atmosphere, in other word; we can build virtual storages, virtual CPU's, virtual memory, etc. as much as we need, where & when needed within minutes or seconds [1]. This steady, fast, exaggerated and easy increase in the nature of virtualization which is intrinsic characteristic of it compels us to dealing with a proxy-managed property. However, in virtualization each step has been made could expose us to be in the middle of a mud. Yet, we could characterize virtualization as a muddy, very flabby, slimy texture of logical components (Virtual Machine, Hypervisor, O.S.), leading to be parachuted uncovered in a confrontation with that exaggerated sprawl/stretching Orbit [2]. With all of the above, it's uneasy to hold that emulated components of virtualization entity close enough together to be functioned, give rise to a notorious vulnerability in Virtual Machines.

show abstract

“…VMI strengthen it with a stealthy and in-depth view into the behavior of malware. VEDefender [22] uses a hardware-based approach to acquire the physical memory of the host machine. XScope [23] detects malicious applications with memory introspection.…”

Section: Introductionmentioning

confidence: 99%

Tenant-Oriented Monitoring for Customized Security Services in the Cloud

Zhou

Wang

et al. 2019

Symmetry

View full text Add to dashboard Cite

The dramatic proliferation of cloud computing makes it an attractive target for malicious attacks. Increasing solutions resort to virtual machine introspection (VMI) to deal with security issues in the cloud environment. However, the existing works are not feasible to support tenants to customize individual security services based on their security requirements flexibly. Additionally, adoption of VMI-based security solutions makes tenants at the risk of exposing sensitive information to attackers. To alleviate the security and privacy anxieties of tenants, we present SECLOUD, a framework for monitoring VMs in the cloud for security analysis in this paper. By extending VMI techniques, SECLOUD provides remote tenants or their authorized security service providers with flexible interfaces for monitoring runtime information of guest virtual machines (VMs) in a non-intrusive manner. The proposed framework enhances effectiveness of monitoring by taking advantages of architectural symmetry of cloud environment. Moreover, we harden our framework with a privacy-preserving capacity for tenants. The flexibility and effectiveness of SECLOUD is demonstrated through a prototype implementation based on Xen hypervisor, which results in acceptable performance overhead.

show abstract

Secure Virtualization Environment Based on Advanced Memory Introspection

Cited by 8 publications

References 31 publications

Identification of Unsaturated Attacks in Virtualized Infrastructures With Big Data Analytics in Cloud Computing

Identification of Unsaturated Attacks in Virtualized Infrastructures With Big Data Analytics in Cloud Computing

Virtual Machine Escape in Cloud Computing Services

Tenant-Oriented Monitoring for Customized Security Services in the Cloud

Contact Info

Product

Resources

About