Name
Abstract | ||
|---|---|---|
With the development of virtualization technology, file protection in virtual machine, especially in guest OS, becomes more and more important. Traditional host-based file protection system resides the critical modules in monitored system, which is easily explored and destroyed by malwares. Moreover, in order to protect the multiple operation systems running on the same platform, it is necessary to install independent file protection system for each of them, which greatly wastes computing resources and brings serious performance overhead. In this paper, a novel VM-based real-time file protection system, named VRFPS, is proposed to solve these problems. First, virtual machine monitor introspects all file operations of guest OS. Then, semantic gap between disk block and logic files is narrowed by blktap. Finally, a virtual sandbox is implemented in privileged domain to prevent protected files in guest domain from modifying illegally. Our approach is highly isolated, transparent and without modification on virtual machine monitor and guest OS. The experimental results show that the presented system is validate and of low performance overhead. |
Year | DOI | Venue |
|---|---|---|
2009 | 10.1109/SERA.2009.23 | SERA |
Keywords | Field | DocType |
invasive software,virtual machine monitor,file protection system,multiple operation system,operation systems,guest domain,virtual machine,real-time file protection system,monitored system,host-based file protection system,guest os,independent file protection system,traditional host-based file protection,virtual machines,operating systems (computers),critical modules,virtual sandbox,logic file,virtualization technology,disk block,logic files,sandbox,file operation,novel virtual machine-based real-time,virtual machine introspection,vrfps,real-time systems,malwares,file protection,system monitoring,virtual machine-based real-time file protection system,real time,real time systems,linux,multiplication operator,semantic gap,kernel | File Control Block,Virtual file system,Self-certifying File System,Computer science,Device file,Real-time computing,Unix file types,Memory-mapped file,File system fragmentation,Operating system,Embedded system,Computer file | Conference |
ISBN | Citations | PageRank |
978-0-7695-3903-4 | 5 | 0.45 |
References | Authors | |
18 | 5 | |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Feng Zhao | 1 | 81 | 11.09 |
| Yali Jiang | 2 | 7 | 1.86 |
| Guofu Xiang | 3 | 72 | 6.06 |
| Hai Jin | 4 | 6544 | 644.63 |
| Wenbin Jiang | 5 | 355 | 36.55 |