The design and implementation of tripwire: a file system integrity checker
CCS '94 Proceedings of the 2nd ACM Conference on Computer and communications security
Vigilante: end-to-end containment of internet worms
Proceedings of the twentieth ACM symposium on Operating systems principles
Reducing TCB size by using untrusted components: small kernels versus virtual-machine monitors
Proceedings of the 11th workshop on ACM SIGOPS European workshop
Closing Cluster Attack Windows Through Server Redundancy and Rotations
CCGRID '06 Proceedings of the Sixth IEEE International Symposium on Cluster Computing and the Grid
Defeating DDoS attacks by fixing the incentive chain
ACM Transactions on Internet Technology (TOIT)
Journal of Parallel and Distributed Computing - Special issue: Security in grid and distributed systems
QEMU, a fast and portable dynamic translator
ATEC '05 Proceedings of the annual conference on USENIX Annual Technical Conference
SecVisor: a tiny hypervisor to provide lifetime kernel code integrity for commodity OSes
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Stealthy malware detection through vmm-based "out-of-the-box" semantic view reconstruction
Proceedings of the 14th ACM conference on Computer and communications security
Resilient Intrusion Tolerance through Proactive and Reactive Recovery
PRDC '07 Proceedings of the 13th Pacific Rim International Symposium on Dependable Computing
Forensics examination of volatile system data using virtual introspection
ACM SIGOPS Operating Systems Review
Lares: An Architecture for Secure Active Monitoring Using Virtualization
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
Efficient state transfer for hypervisor-based proactive recovery
Proceedings of the 2nd workshop on Recent advances on intrusiton-tolerant systems
Guest-Transparent Prevention of Kernel Rootkits with VMM-Based Memory Shadowing
RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
Virtualization and Digital Forensics: A Research and Education Agenda
Journal of Digital Forensic Practice
New Techniques for Private Stream Searching
ACM Transactions on Information and System Security (TISSEC)
Virtualization and Hardware-Based Security
IEEE Security and Privacy
A break in the clouds: towards a cloud definition
ACM SIGCOMM Computer Communication Review
Virtual machines jailed: virtualization in systems with small trusted computing bases
Proceedings of the 1st EuroSys Workshop on Virtualization Technology for Dependable Systems
IBMon: monitoring VMM-bypass capable InfiniBand devices using memory introspection
Proceedings of the 3rd ACM Workshop on System-level Virtualization for High Performance Computing
KvmSec: a security extension for Linux kernel virtual machines
Proceedings of the 2009 ACM symposium on Applied Computing
Challenges and opportunities for virtualized security in the clouds
Proceedings of the 14th ACM symposium on Access control models and technologies
ACM SIGACT News
What's inside the Cloud? An architectural map of the Cloud landscape
CLOUD '09 Proceedings of the 2009 ICSE Workshop on Software Engineering Challenges of Cloud Computing
Engineering the cloud from software modules
CLOUD '09 Proceedings of the 2009 ICSE Workshop on Software Engineering Challenges of Cloud Computing
Taking account of privacy when designing cloud computing services
CLOUD '09 Proceedings of the 2009 ICSE Workshop on Software Engineering Challenges of Cloud Computing
The Eucalyptus Open-Source Cloud-Computing System
CCGRID '09 Proceedings of the 2009 9th IEEE/ACM International Symposium on Cluster Computing and the Grid
Cloud Computing Resource Management through a Grid Middleware: A Case Study with DIET and Eucalyptus
CLOUD '09 Proceedings of the 2009 IEEE International Conference on Cloud Computing
Proceedings of the First Asia-Pacific Symposium on Internetware
Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds
Proceedings of the 16th ACM conference on Computer and communications security
Transparent security for cloud
Proceedings of the 2010 ACM Symposium on Applied Computing
A Security Management Architecture for the Protection of Kernel Virtual Machines
CIT '10 Proceedings of the 2010 10th IEEE International Conference on Computer and Information Technology
CUDACS: securing the cloud with CUDA-enabled secure virtualization
ICICS'10 Proceedings of the 12th international conference on Information and communications security
Future Generation Computer Systems
Computers & Mathematics with Applications
A framework for preservation of cloud users' data privacy using dynamic reconstruction of metadata
Journal of Network and Computer Applications
A new cloud computing architecture for music composition
Journal of Network and Computer Applications
Towards a unified taxonomy and architecture of cloud frameworks
Future Generation Computer Systems
Pragmatic assessment of research intensive areas in cloud: a systematic review
ACM SIGSOFT Software Engineering Notes
The technical security issues in cloud computing
International Journal of Information and Communication Technology
Detection of distributed denial of service attacks in cloud computing by identifying spoofed IP
International Journal of Communication Networks and Distributed Systems
Resource virtualization and service selection in cloud logistics
Journal of Network and Computer Applications
Architecture and protocol for intercloud communication
Information Sciences: an International Journal
CloRExPa: Cloud resilience via execution path analysis
Future Generation Computer Systems
A security reference architecture for cloud systems
Proceedings of the WICSA 2014 Companion Volume
Hi-index | 0.00 |
Cloud computing adoption and diffusion are threatened by unresolved security issues that affect both the cloud provider and the cloud user. In this paper, we show how virtualization can increase the security of cloud computing, by protecting both the integrity of guest virtual machines and the cloud infrastructure components. In particular, we propose a novel architecture, Advanced Cloud Protection System (ACPS), aimed at guaranteeing increased security to cloud resources. ACPS can be deployed on several cloud solutions and can effectively monitor the integrity of guest and infrastructure components while remaining fully transparent to virtual machines and to cloud users. ACPS can locally react to security breaches as well as notify a further security management layer of such events. A prototype of our ACPS proposal is fully implemented on two current open source solutions: Eucalyptus and OpenECP. The prototype is tested against effectiveness and performance. In particular: (a) effectiveness is shown testing our prototype against attacks known in the literature; (b) performance evaluation of the ACPS prototype is carried out under different types of workload. Results show that our proposal is resilient against attacks and that the introduced overhead is small when compared to the provided features.