Abstract | ||
---|---|---|
Cloud computing has emerged in recent years as a major segment of the IT industry; however, security concerns remain the primary impediment to full-scale adoption. Leveraging properties of virtualization, virtual machine introspection (VMI) has yielded promising research for cloud security, yet adoption of these approaches in production environments remains minimal due to a semantic gap: the extraction of high-level knowledge of the guest operating system's state from low-level artifacts collected out-of-VM. Within the field of forensic memory analysis (FMA), a similar semantic gap exists from the reconstruction of physical memory dumps. We implement a production-oriented prototype utilizing designs that combine and narrow these semantic gaps in a modular framework to function as an intrusion detection system (IDS) detecting and defeating post-exploitation activity. |
Year | DOI | Venue |
---|---|---|
2012 | 10.1109/TrustCom.2012.113 | TrustCom |
Keywords | Field | DocType |
full-scale adoption,production environment,cloud computing,physical memory dump,forensic memory analysis,semantic gap,merging vmi,cloud-based ids,intrusion detection system,guest operating system,cloud security,similar semantic gap,prototypes,malware,virtual machines,virtualisation,it industry,cloud,databases,virtualization,fma,computer forensics | Virtualization,Virtual machine,Computer science,Computer security,Semantic gap,Cloud computing security,Modular design,Malware,Intrusion detection system,Database,Cloud computing | Conference |
Citations | PageRank | References |
6 | 0.48 | 30 |
Authors | ||
4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Christopher Harrison | 1 | 6 | 0.82 |
Devin Cook | 2 | 6 | 0.82 |
Robert McGraw | 3 | 6 | 0.82 |
John A. Hamilton Jr. | 4 | 63 | 5.48 |