Debugging Parallel Programs with Instant Replay
IEEE Transactions on Computers
A Retrospective on the VAX VMM Security Kernel
IEEE Transactions on Software Engineering
Optimal tracing and incremental reexecution for debugging long-running programs
PLDI '94 Proceedings of the ACM SIGPLAN 1994 conference on Programming language design and implementation
Hypervisor-based fault tolerance
ACM Transactions on Computer Systems (TOCS) - Special issue on operating system principles
Replay for concurrent non-deterministic shared-memory applications
PLDI '96 Proceedings of the ACM SIGPLAN 1996 conference on Programming language design and implementation
Cellular disco: resource management using virtual clusters on shared-memory multiprocessors
ACM Transactions on Computer Systems (TOCS)
A survey of rollback-recovery protocols in message-passing systems
ACM Computing Surveys (CSUR)
Complete Computer System Simulation: The SimOS Approach
IEEE Parallel & Distributed Technology: Systems & Technology
Framework for Testing the Fault-Tolerance of Systems Including OS and Network Aspects
HASE '01 The 6th IEEE International Symposium on High-Assurance Systems Engineering: Special Topic: Impact of Networking
Virtualizing I/O Devices on VMware Workstation's Hosted Virtual Machine Monitor
Proceedings of the General Track: 2002 USENIX Annual Technical Conference
Virtual machine or virtual operating system?
Proceedings of the workshop on virtual computer systems
Using Programmer-Written Compiler Extensions to Catch Security Holes
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
When Virtual Is Better Than Real
HOTOS '01 Proceedings of the Eighth Workshop on Hot Topics in Operating Systems
Self-securing storage: protecting data in compromised system
OSDI'00 Proceedings of the 4th conference on Symposium on Operating System Design & Implementation - Volume 4
Libckpt: transparent checkpointing under Unix
TCON'95 Proceedings of the USENIX 1995 Technical Conference Proceedings
A secure environment for untrusted helper applications confining the Wily Hacker
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
A user-mode port of the linux kernel
ALS'00 Proceedings of the 4th annual Linux Showcase & Conference - Volume 4
Xen and the art of virtualization
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Dynamic tracking of page miss ratio curve for memory management
ASPLOS XI Proceedings of the 11th international conference on Architectural support for programming languages and operating systems
On deriving unknown vulnerabilities from zero-day polymorphic and metamorphic worm exploits
Proceedings of the 12th ACM conference on Computer and communications security
Exploit hijacking: side effects of smart defenses
Proceedings of the 2006 SIGCOMM workshop on Large-scale attack defense
Temporal search: detecting hidden malware timebombs with virtual machines
Proceedings of the 12th international conference on Architectural support for programming languages and operating systems
ExecRecorder: VM-based full-system replay for attack analysis and system recovery
Proceedings of the 1st workshop on Architectural and system support for improving software dependability
Using runtime paths for macroanalysis
HOTOS'03 Proceedings of the 9th conference on Hot Topics in Operating Systems - Volume 9
Are virtual machine monitors microkernels done right?
HOTOS'05 Proceedings of the 10th conference on Hot Topics in Operating Systems - Volume 10
Understanding data lifetime via whole system simulation
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Secure file system versioning at the block level
Proceedings of the 2nd ACM SIGOPS/EuroSys European Conference on Computer Systems 2007
Staged deployment in mirage, an integrated software upgrade testing and distribution system
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Secure Sharing of an ICT Infrastructure through Vinci
AIMS '08 Proceedings of the 2nd international conference on Autonomous Infrastructure, Management and Security: Resilient Networks and Services
Architecting Dependable and Secure Systems Using Virtualization
Architecting Dependable Systems V
ReCrash: Making Software Failures Reproducible by Preserving Object States
ECOOP '08 Proceedings of the 22nd European conference on Object-Oriented Programming
Efficiently tracking application interactions using lightweight virtualization
Proceedings of the 1st ACM workshop on Virtual machine security
FlashBox: a system for logging non-deterministic events in deployed embedded systems
Proceedings of the 2009 ACM symposium on Applied Computing
Measuring Semantic Integrity for Remote Attestation
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
Putting Trojans on the Horns of a Dilemma: Redundancy for Information Theft Detection
Transactions on Computational Science IV
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Virtualized recomposition: Cloudy or clear?
CLOUD '09 Proceedings of the 2009 ICSE Workshop on Software Engineering Challenges of Cloud Computing
Software Profiling for Deterministic Replay Debugging of User Code
Proceedings of the 2006 conference on New Trends in Software Methodologies, Tools and Techniques: Proceedings of the fifth SoMeT_06
Cloud security is not (just) virtualization security: a short paper
Proceedings of the 2009 ACM workshop on Cloud computing security
Cumulative attestation kernels for embedded systems
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Lightweight live migration for high availability cluster service
SSS'10 Proceedings of the 12th international conference on Stabilization, safety, and security of distributed systems
Striking a new balance between program instrumentation and debugging time
Proceedings of the sixth conference on Computer systems
WiDS checker: combating bugs in distributed systems
NSDI'07 Proceedings of the 4th USENIX conference on Networked systems design & implementation
Executing mobile applications on the cloud: Framework and issues
Computers & Mathematics with Applications
Exploiting parallelism in deterministic shared memory multiprocessing
Journal of Parallel and Distributed Computing
Speculative Memory State Transfer for Active-Active Fault Tolerance
CCGRID '12 Proceedings of the 2012 12th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (ccgrid 2012)
Security analysis of public cloud computing
International Journal of Communication Networks and Distributed Systems
RaceFree: an efficient multi-threading model for determinism
Proceedings of the 18th ACM SIGPLAN symposium on Principles and practice of parallel programming
A survey of security issues in hardware virtualization
ACM Computing Surveys (CSUR)
A survey of migration mechanisms of virtual machines
ACM Computing Surveys (CSUR)
Interactive record/replay for web application debugging
Proceedings of the 26th annual ACM symposium on User interface software and technology
COLO: COarse-grained LOck-stepping virtual machines for non-stop service
Proceedings of the 4th annual Symposium on Cloud Computing
Direct code execution: revisiting library OS architecture for reproducible network experiments
Proceedings of the ninth ACM conference on Emerging networking experiments and technologies
Hi-index | 0.00 |
Current system loggers have two problems: they depend on the integrity of the operating system being logged, and they do not save sufficient information to replay and analyze attacks that include any non-deterministic events. ReVirt removes the dependency on the target operating system by moving it into a virtual machine and logging below the virtual machine. This allows ReVirt to replay the system's execution before, during, and after an intruder compromises the system, even if the intruder replaces the target operating system. ReVirt logs enough information to replay a long-term execution of the virtual machine instruction-by-instruction. This enables it to provide arbitrarily detailed observations about what transpired on the system, even in the presence of non-deterministic attacks and executions. ReVirt adds reasonable time and space overhead. Overheads due to virtualization are imperceptible for interactive use and CPU-bound workloads, and 13--58% for kernel-intensive workloads. Logging adds 0--8% overhead, and logging traffic for our workloads can be stored on a single disk for several months.