Learning Stochastic Regular Grammars by Means of a State Merging Method
ICGI '94 Proceedings of the Second International Colloquium on Grammatical Inference and Applications
Safe Virtual Execution Using Software Dynamic Translation
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Intrusion Detection via Static Analysis
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Scenario graphs and attack graphs
Scenario graphs and attack graphs
Detecting Stealth Software with Strider GhostBuster
DSN '05 Proceedings of the 2005 International Conference on Dependable Systems and Networks
Resilience for the Scalability of Dependability
NCA '05 Proceedings of the Fourth IEEE International Symposium on Network Computing and Applications
Protecting host-based intrusion detectors through virtual machines
Computer Networks: The International Journal of Computer and Telecommunications Networking
Copilot - a coprocessor-based kernel runtime integrity monitor
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Exploring Multiple Execution Paths for Malware Analysis
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Behavior-based spyware detection
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Antfarm: tracking processes in a virtual machine environment
ATEC '06 Proceedings of the annual conference on USENIX '06 Annual Technical Conference
Intrusion detection using sequences of system calls
Journal of Computer Security
Diagnosing misconfiguration with dynamic detection of configuration invariants
HotDep'07 Proceedings of the 3rd workshop on on Hot Topics in System Dependability
VMM-based hidden process detection and identification using Lycosid
Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
VNIDA: Building an IDS Architecture Using VMM-Based Non-Intrusive Approach
WKDD '08 Proceedings of the First International Workshop on Knowledge Discovery and Data Mining
Semantics-Driven Introspection in a Virtual Environment
IAS '08 Proceedings of the 2008 The Fourth International Conference on Information Assurance and Security
Ether: malware analysis via hardware virtualization extensions
Proceedings of the 15th ACM conference on Computer and communications security
Multi-aspect profiling of kernel rootkit behavior
Proceedings of the 4th ACM European conference on Computer systems
Transparent Process Monitoring in a Virtual Environment
Electronic Notes in Theoretical Computer Science (ENTCS)
Measuring Semantic Integrity for Remote Attestation
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
Secure in-VM monitoring using hardware virtualization
Proceedings of the 16th ACM conference on Computer and communications security
A Novel Program Analysis Method Based on Execution Path Correlation
KAM '09 Proceedings of the 2009 Second International Symposium on Knowledge Acquisition and Modeling - Volume 02
ACM Transactions on Information and System Security (TISSEC)
MAVMM: Lightweight and Purpose Built VMM for Malware Analysis
ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
Scalable integrity monitoring in virtualized environments
Proceedings of the fifth ACM workshop on Scalable trusted computing
Malware Detection and Kernel Rootkit Prevention in Cloud Computing Environments
PDP '11 Proceedings of the 2011 19th International Euromicro Conference on Parallel, Distributed and Network-Based Processing
Secure virtualization for cloud computing
Journal of Network and Computer Applications
Virtual machine monitor-based lightweight intrusion detection
ACM SIGOPS Operating Systems Review
CyberGuarder: A virtualization security assurance architecture for green cloud computing
Future Generation Computer Systems
Addressing cloud computing security issues
Future Generation Computer Systems
VMDetector: A VMM-based Platform to Detect Hidden Process by Multi-view Comparison
HASE '11 Proceedings of the 2011 IEEE 13th International Symposium on High-Assurance Systems Engineering
Varieties of learning automata: an overview
IEEE Transactions on Systems, Man, and Cybernetics, Part B: Cybernetics
A security analysis of amazon's elastic compute cloud service
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Editorial: The management of cloud systems
Future Generation Computer Systems
Hi-index | 0.00 |
Despite the increasing interest around cloud concepts, current cloud technologies and services related to security are not mature enough to enable a more widespread industrial acceptance of cloud systems. Providing an adequate level of resilience to cloud services is a challenging problem due to the complexity of the environment as well as the need for efficient solutions that could preserve cloud benefits over other solutions. In this paper we provide the architectural design, implementation details, and performance results for a customizable resilience service solution for cloud guests. This solution leverages execution path analysis. In particular, we propose an architecture that can trace, analyze and control live virtual machine activity as well as intervened code and data modifications-possibly due to either malicious attacks or software faults. Execution path analysis allows the virtual machine manager (VMM) to trace the VM state and to prevent such a guest from reaching faulty states. We evaluated the effectiveness and performance trade-off of our prototype on a real cloud test bed. Experimental results support the viability of the proposed solution.