Design & analysis of fault tolerant digital systems
Design & analysis of fault tolerant digital systems
Hypervisor-based fault tolerance
ACM Transactions on Computer Systems (TOCS) - Special issue on operating system principles
Virtual-machine-based heterogeneous checkpointing
Software—Practice & Experience
ReVirt: enabling intrusion analysis through virtual-machine logging and replay
ACM SIGOPS Operating Systems Review - OSDI '02: Proceedings of the 5th symposium on Operating systems design and implementation
When Virtual Is Better Than Real
HOTOS '01 Proceedings of the Eighth Workshop on Hot Topics in Operating Systems
Xen and the art of virtualization
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Intrusion Detection in Virtual Machine Environments
EUROMICRO '04 Proceedings of the 30th EUROMICRO Conference
Detecting Stealth Software with Strider GhostBuster
DSN '05 Proceedings of the 2005 International Conference on Dependable Systems and Networks
Detecting past and present intrusions through vulnerability-specific predicates
Proceedings of the twentieth ACM symposium on Operating systems principles
Secure coprocessor-based intrusion detection
EW 10 Proceedings of the 10th workshop on ACM SIGOPS European workshop
Debugging operating systems with time-traveling virtual machines
ATEC '05 Proceedings of the annual conference on USENIX Annual Technical Conference
HOTOS'05 Proceedings of the 10th conference on Hot Topics in Operating Systems - Volume 10
Live migration of virtual machines
NSDI'05 Proceedings of the 2nd conference on Symposium on Networked Systems Design & Implementation - Volume 2
Copilot - a coprocessor-based kernel runtime integrity monitor
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
A user-mode port of the linux kernel
ALS'00 Proceedings of the 4th annual Linux Showcase & Conference - Volume 4
Hypervisor-Based Efficient Proactive Recovery
SRDS '07 Proceedings of the 26th IEEE International Symposium on Reliable Distributed Systems
Stealthy malware detection through vmm-based "out-of-the-box" semantic view reconstruction
Proceedings of the 14th ACM conference on Computer and communications security
IBM Journal of Research and Development
Virtualization: Issues, security threats, and solutions
ACM Computing Surveys (CSUR)
A Systematic Survey of Self-Protecting Software Systems
ACM Transactions on Autonomous and Adaptive Systems (TAAS) - Special Section on Best Papers from SEAMS 2012
| Hi-index | 0.00 |
We outline ways of leveraging virtualization for enhancing system dependability and security, and describe the practical realization of some of these enhancements using the Xen open-source virtual machine monitor (VMM). Using combinatorial modeling, we perform reliability analysis of multiple design choices when a single physical server is used to host multiple virtual servers. The analysis shows that unless certain conditions (e.g., regarding the number of virtual servers) are met, virtualization could decrease the reliability of a single physical server. The analysis also shows that improving the reliability of the VMM is crucial to improving the reliability of a virtualized physical node. Motivated by this observation, we show how the enhancements we have implemented can be combined to produce a more reliable Xen VMM architecture, called R-Xen. The Xen VMM consists of a hypervisor core and a privileged virtual machine (VM) called Dom0. Dom0, being much bulkier than the hypervisor core, is the weak link for Xen reliability. Consequently, R-Xen focuses on improving the reliability of Dom0 through replication in which Dom0 replicas mutually monitor each other for intrusion and faults. R-Xen converts more severe Dom0 replica faults into fail-stop behavior, and rejuvenates a failed replica. The approach is transparent and does not require any modifications to regular Xen VMs (user domains).