The design and implementation of tripwire: a file system integrity checker
CCS '94 Proceedings of the 2nd ACM Conference on Computer and communications security
Xen and the art of virtualization
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
FS: An In-Kernel Integrity Checker and Intrusion Detection File System
LISA '04 Proceedings of the 18th USENIX conference on System administration
IPDPS '05 Proceedings of the 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05) - Workshop 6 - Volume 07
ReVirt: enabling intrusion analysis through virtual-machine logging and replay
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
HyperSpector: virtual distributed monitoring environments for secure intrusion detection
Proceedings of the 1st ACM/USENIX international conference on Virtual execution environments
The Architecture of Virtual Machines
Computer
Understanding The Linux Kernel
Understanding The Linux Kernel
The Anatomy of the Grid: Enabling Scalable Virtual Organizations
International Journal of High Performance Computing Applications
Detecting past and present intrusions through vulnerability-specific predicates
Proceedings of the twentieth ACM symposium on Operating systems principles
A comparison of software and hardware techniques for x86 virtualization
Proceedings of the 12th international conference on Architectural support for programming languages and operating systems
A novel approach for a file-system integrity monitor tool of Xen virtual machine
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
HOTOS'05 Proceedings of the 10th conference on Hot Topics in Operating Systems - Volume 10
Storage-based intrusion detection: watching storage activity for suspicious behavior
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
The definitive guide to the xen hypervisor
The definitive guide to the xen hypervisor
Finding Corrupted Computers Using Imperfect Intrusion Prevention System Event Data
SAFECOMP '08 Proceedings of the 27th international conference on Computer Safety, Reliability, and Security
HPCC '08 Proceedings of the 2008 10th IEEE International Conference on High Performance Computing and Communications
VMFence: a customized intrusion prevention system in distributed virtual computing environment
Proceedings of the 3rd International Conference on Ubiquitous Information Management and Communication
Hi-index | 0.00 |
With the development of information technology, cloud computing becomes a new direction of grid computing. Cloud computing is user-centric, and provides end users with leasing service. Guaranteeing the security of user data needs careful consideration before cloud computing is widely applied in business. Virtualization provides a new approach to solve the traditional security problems and can be taken as the underlying infrastructure of cloud computing. In this paper, we propose an intrusion prevention system, VMFence, in a virtualization-based cloud computing environment, which is used to monitor network flow and file integrity in real time, and provide a network defense and file integrity protection as well. Due to the dynamicity of the virtual machine, the detection process varies with the state of the virtual machine. The state transition of the virtual machine is described via Definite Finite Automata (DFA). We have implemented VMFence on an open-source virtual machine monitor platform--Xen. The experimental results show our proposed method is effective and it brings acceptable overhead.