CryptVMI: A flexible and encrypted virtual machine introspection system in the cloud

Fangzhou Yao, Read Sprabery, Roy H. Campbell

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Virtualization has demonstrated its importance in both public and private cloud computing solutions. In such environments, multiple virtual instances run on the same physical machine concurrently. Thus, the isolation in the system is not guaranteed by the physical infrastructure anymore. Reliance on logical isolation makes a system vulnerable to attacks. Thus, Virtual Machine Introspection techniques become essential,since they simplify the process to acquire evidence for further analysis in this complex system. However, Virtual Machine Introspection tools for the cloud are usually written specifically for a single system and do not provide a standard interface to work with other security monitoring systems. Moreover, this technique breaks down the borders of the segregation between multiple tenants, which should be avoided in a public cloud computing environment. In this paper, we focus on building a flexible and encrypted Virtual Machine Introspection system, CryptVMI, to address the above concerns. Our approach maintains a client application on the user end to send queries to the cloud, as well as parse the results returned in a standard form. We also have a handler that cooperates with an introspection application in the cloud infrastructure to process queries and return encrypted results. This work shows our design and implementation of this system, and the benchmark results prove that it does not incur much performance overhead.

Original languageEnglish (US)
Title of host publicationSCC 2014 - Proceedings of the 2nd International Workshop on Security in Cloud Computing
PublisherAssociation for Computing Machinery
Pages11-17
Number of pages7
ISBN (Print)9781450328050
DOIs
StatePublished - Jan 1 2014
Event2nd International Workshop on Security in Cloud Computing, SCC 2014 - Kyoto, Japan
Duration: Jun 3 2014Jun 3 2014

Publication series

NameSCC 2014 - Proceedings of the 2nd International Workshop on Security in Cloud Computing

Other

Other2nd International Workshop on Security in Cloud Computing, SCC 2014
CountryJapan
CityKyoto
Period6/3/146/3/14

Keywords

  • cloud computing
  • confidentiality
  • virtual machine introspection
  • virtualization

ASJC Scopus subject areas

  • Software

Fingerprint Dive into the research topics of 'CryptVMI: A flexible and encrypted virtual machine introspection system in the cloud'. Together they form a unique fingerprint.

  • Cite this

    Yao, F., Sprabery, R., & Campbell, R. H. (2014). CryptVMI: A flexible and encrypted virtual machine introspection system in the cloud. In SCC 2014 - Proceedings of the 2nd International Workshop on Security in Cloud Computing (pp. 11-17). (SCC 2014 - Proceedings of the 2nd International Workshop on Security in Cloud Computing). Association for Computing Machinery. https://doi.org/10.1145/2600075.2600078