Using OS design patterns to provide reliability and security as-a-service for VM-based clouds

Zachary J. Estrada, Read Sprabery, Lok Yan, Zhongzhi Yu, Roy Campbell, Zbigniew Kalbarczyk, Ravishankar K. Iyer

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

This paper extends the concepts behind cloud services to offer hypervisor-based reliability and security monitors for cloud virtual machines. Cloud VMs can be heterogeneous and as such guest OS parameters needed for monitoring can vary across different VMs and must be obtained in some way. Past work involves running code inside the VM, which is unacceptable for a cloud environment. We solve this problem by recognizing that there are common OS design patterns that can be used to infer monitoring parameters from the guest OS. We extract information about the cloud user's guest OS with the user's existing VM image and knowledge of OS design patterns as the only inputs to analysis. To demonstrate the range of monitoring functionality possible with this technique, we implemented four sample monitors: a guest OS process tracer, an OS hang detector, a return-to-user attack detector, and a process-based keylogger detector.

Original language: English (US)
Title of host publication: VEE 2017 - Proceedings of the 2017 ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments
Publisher: Association for Computing Machinery, Inc
Pages: 157-170
Number of pages: 14
ISBN (Electronic): 9781450349482
DOIs: https://doi.org/10.1145/3050748.3050759
State: Published - Apr 8 2017
Externally published: Yes
Event: 2017 ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, VEE 2017 - Xi'an, China
Duration: Apr 8 2017 - Apr 9 2017

Publication series

Name: VEE 2017 - Proceedings of the 2017 ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments

Other

Other: 2017 ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, VEE 2017
Country: China
City: Xi'an
Period: 4/8/17 - 4/9/17

Keywords

  • Dynamic analysis
  • OS design patterns
  • Reliability
  • Security
  • Virtualization
  • VM monitoring

ASJC Scopus subject areas

  • Computer Graphics and Computer-Aided Design
  • Human-Computer Interaction
  • Software

Cite this

Estrada, Z. J., Sprabery, R., Yan, L., Yu, Z., Campbell, R., Kalbarczyk, Z., & Iyer, R. K. (2017). Using OS design patterns to provide reliability and security as-a-service for VM-based clouds. In VEE 2017 - Proceedings of the 2017 ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments (pp. 157-170). (VEE 2017 - Proceedings of the 2017 ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments). Association for Computing Machinery, Inc. https://doi.org/10.1145/3050748.3050759