IEEE Transactions on Software Engineering - Special issue on computer security and privacy
Xen and the art of virtualization
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Time and area efficient pattern matching on FPGAs
FPGA '04 Proceedings of the 2004 ACM/SIGDA 12th international symposium on Field programmable gate arrays
Intrusion Detection in Virtual Machine Environments
EUROMICRO '04 Proceedings of the 30th EUROMICRO Conference
Gigabit Rate Packet Pattern-Matching Using TCAM
ICNP '04 Proceedings of the 12th IEEE International Conference on Network Protocols
IPDPS '05 Proceedings of the 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05) - Workshop 6 - Volume 07
ReVirt: enabling intrusion analysis through virtual-machine logging and replay
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
HyperSpector: virtual distributed monitoring environments for secure intrusion detection
Proceedings of the 1st ACM/USENIX international conference on Virtual execution environments
The Architecture of Virtual Machines
Computer
An example of communication between security tools: iptables - snort
ACM SIGOPS Operating Systems Review
Detecting past and present intrusions through vulnerability-specific predicates
Proceedings of the twentieth ACM symposium on Operating systems principles
Fast and scalable pattern matching for content filtering
Proceedings of the 2005 ACM symposium on Architecture for networking and communications systems
Xen and the art of repeated research
ATEC '04 Proceedings of the annual conference on USENIX Annual Technical Conference
HOTOS'05 Proceedings of the 10th conference on Hot Topics in Operating Systems - Volume 10
VNIDA: Building an IDS Architecture Using VMM-Based Non-Intrusive Approach
WKDD '08 Proceedings of the First International Workshop on Knowledge Discovery and Data Mining
The definitive guide to the xen hypervisor
The definitive guide to the xen hypervisor
Virtualization and Hardware-Based Security
IEEE Security and Privacy
A guest-transparent file integrity monitoring method in virtualization environment
Computers & Mathematics with Applications
Virtual machine monitor-based lightweight intrusion detection
ACM SIGOPS Operating Systems Review
Virtualization: Issues, security threats, and solutions
ACM Computing Surveys (CSUR)
A VMM-based intrusion prevention system in cloud computing environment
The Journal of Supercomputing
| Hi-index | 0.00 |
Intrusion Prevention System (IPS) has been an effective tool to detect and prevent unwanted attempts, which are mainly through network and system vulnerabilities, at accessing and manipulating computer systems. Intrusion detection and prevention are two main functions of IPS. As attacks are becoming massive and complex, the traditional centralized IPSes are incapable of detecting all those attempts. The existing distributed IPSes, mainly based on mobile agent, have some serious problems, such as weak security of mobile agents, response latency, large code size. In this paper, we propose a customized intrusion prevention system, VMFence, in distributed virtual computing environment to simplify the complexity of the management. In VMFence, the states of detection processes vary with those of Virtual Machines (VMs), which are described by Deterministic Finite Automata (DFA). The detection processes, each of which detects one virtual machine, reside in a privileged virtual machine. The processes run synchronously and outside of VMs in order to achieve high performance and security. The experimental results also show VMFence has higher detection efficiency than traditional intrusion detection systems and little impact on the performance of the monitored VMs.