Geiger: monitoring the buffer cache in a virtual machine environment
Proceedings of the 12th international conference on Architectural support for programming languages and operating systems
FoxyTechnique: tricking operating system policies with a virtual machine monitor
Proceedings of the 3rd international conference on Virtual execution environments
Competitive prefetching for concurrent sequential I/O
Proceedings of the 2nd ACM SIGOPS/EuroSys European Conference on Computer Systems 2007
VMM-based hidden process detection and identification using Lycosid
Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
Proceedings of the 13th international conference on Architectural support for programming languages and operating systems
Efficiently tracking application interactions using lightweight virtualization
Proceedings of the 1st ACM workshop on Virtual machine security
Hypervisor support for identifying covertly executing binaries
SS'08 Proceedings of the 17th conference on Security symposium
Task-aware virtual machine scheduling for I/O performance.
Proceedings of the 2009 ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
The hybrid scheduling framework for virtual machine systems
Proceedings of the 2009 ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
Virtualization-based separation of privilege: working with sensitive data in untrusted environment
Proceedings of the 1st EuroSys Workshop on Virtualization Technology for Dependable Systems
BORG: block-reORGanization for self-optimizing storage systems
FAST '09 Proccedings of the 7th conference on File and storage technologies
Resource Allocation Using Virtual Clusters
CCGRID '09 Proceedings of the 2009 9th IEEE/ACM International Symposium on Cluster Computing and the Grid
Secure in-VM monitoring using hardware virtualization
Proceedings of the 16th ACM conference on Computer and communications security
Robust signatures for kernel data structures
Proceedings of the 16th ACM conference on Computer and communications security
A formal model for virtual machine introspection
Proceedings of the 1st ACM workshop on Virtual machine security
TimeCapsule: secure recording of accesses to a protected datastore
Proceedings of the 1st ACM workshop on Virtual machine security
NCQ vs. I/O scheduler: Preventing unexpected misbehaviors
ACM Transactions on Storage (TOS)
Optimizing crash dump in virtualized environments
Proceedings of the 6th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
Does virtualization make disk scheduling passé?
ACM SIGOPS Operating Systems Review
Reverse engineering of binary device drivers with RevNIC
Proceedings of the 5th European conference on Computer systems
Task-aware based co-scheduling for virtual machine system
Proceedings of the 2010 ACM Symposium on Applied Computing
"Out-of-the-Box" monitoring of VM-based high-interaction honeypots
RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
Virtualization-based techniques for enabling multi-tenant management tools
DSOM'07 Proceedings of the Distributed systems: operations and management 18th IFIP/IEEE international conference on Managing virtualization of networks and services
Mixing concrete and symbolic execution to improve the performance of dynamic test generation
NTMS'09 Proceedings of the 3rd international conference on New technologies, mobility and security
Differential virtual time (DVT): rethinking I/O service differentiation for virtual machines
Proceedings of the 1st ACM symposium on Cloud computing
A guest-transparent file integrity monitoring method in virtualization environment
Computers & Mathematics with Applications
Resource allocation algorithms for virtualized service hosting platforms
Journal of Parallel and Distributed Computing
OSDI'08 Proceedings of the 8th USENIX conference on Operating systems design and implementation
Trail of bytes: efficient support for forensic analysis
Proceedings of the 17th ACM conference on Computer and communications security
An architecture for secure software defined radio
Proceedings of the Conference on Design, Automation and Test in Europe
dAnubis: dynamic device driver analysis based on virtual machine introspection
DIMVA'10 Proceedings of the 7th international conference on Detection of intrusions and malware, and vulnerability assessment
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
SymCall: symbiotic virtualization through VMM-to-guest upcalls
Proceedings of the 7th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
FAST'11 Proceedings of the 9th USENIX conference on File and stroage technologies
Kaleidoscope: cloud micro-elasticity via VM state coloring
Proceedings of the sixth conference on Computer systems
Transparently bridging semantic gap in CPU management for virtualized environments
Journal of Parallel and Distributed Computing
Simulating windows-based cyber attacks using live virtual machine introspection
Proceedings of the 2010 Summer Computer Simulation Conference
Virtual machine monitor-based lightweight intrusion detection
ACM SIGOPS Operating Systems Review
Operating system interface obfuscation and the revealing of hidden operations
DIMVA'11 Proceedings of the 8th international conference on Detection of intrusions and malware, and vulnerability assessment
Tracking payment card data flow using virtual machine state introspection
Proceedings of the 27th Annual Computer Security Applications Conference
Secure reconfiguration of software-defined radio
ACM Transactions on Embedded Computing Systems (TECS)
Scheduler support for video-oriented multimedia on client-side virtualization
Proceedings of the 3rd Multimedia Systems Conference
Architecture- and OS-Independent binary-level dynamic test generation
ICICS'09 Proceedings of the 11th international conference on Information and Communications Security
An introspection-based memory scraper attack against virtualized point of sale systems
FC'11 Proceedings of the 2011 international conference on Financial Cryptography and Data Security
Controlling the speed of virtual time for malware deactivation
Proceedings of the Asia-Pacific Workshop on Systems
Shifting GEARS to enable guest-context virtual services
Proceedings of the 9th international conference on Autonomic computing
Controlling the speed of virtual time for malware deactivation
APSys'12 Proceedings of the Third ACM SIGOPS Asia-Pacific conference on Systems
Secure and robust monitoring of virtual machines through guest-assisted introspection
RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses
Securing cloud storage systems through a virtual machine monitor
Proceedings of the First International Workshop on Secure and Resilient Architectures and Systems
Identifying OS kernel objects for run-time security analysis
NSS'12 Proceedings of the 6th international conference on Network and System Security
InkTag: secure applications on an untrusted operating system
Proceedings of the eighteenth international conference on Architectural support for programming languages and operating systems
Proceedings of the 9th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
Scheduling para-virtualized virtual machines based on events
Future Generation Computer Systems
Virtual TCP offload: optimizing ethernet overlay performance on advanced interconnects
Proceedings of the 22nd international symposium on High-performance parallel and distributed computing
System-Level support for intrusion recovery
DIMVA'12 Proceedings of the 9th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Bridging the Semantic Gap in Virtual Machine Introspection via Online Kernel Data Redirection
ACM Transactions on Information and System Security (TISSEC)
Subverting system authentication with context-aware, reactive virtual machine introspection
Proceedings of the 29th Annual Computer Security Applications Conference
CloRExPa: Cloud resilience via execution path analysis
Future Generation Computer Systems
Real-time deep virtual machine introspection and its applications
Proceedings of the 10th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
Virtual asymmetric multiprocessor for interactive performance of consolidated desktops
Proceedings of the 10th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
Hi-index | 0.00 |
In a virtualized environment, the VMM is the system's primary resource manager. Some services usually implemented at the OS layer, like I/O scheduling or certain kinds of security monitoring, are therefore more naturally implemented inside the VMM. Implementing such services at the VMM layer can be complicated by the lack of OS and application-level knowledge within a VMM. This paper describes techniques that can be used by a VMM to independently overcome part of the "semantic gap" separating it from the guest operating systems it supports. These techniques enable the VMM to track the existence and activities of operating system processes. Antfarm is an implementation of these techniques that works without detailed knowledge of a guest's internal architecture or implementation. An evaluation of Antfarm for two virtualization environments and two operating systems shows that it can accurately infer process events while incurring only a small 2.5% runtime overhead in the worst case. To demonstrate the practical benefits of process information in a VMM we implement an anticipatory disk scheduler at the VMM level. This case study shows that significant disk throughput improvements are possible in a virtualized environment by exploiting process information within a VMM.