POSTER: TraceVirt: A Framework for Detecting the Non-tampering Attacks in the Virtual Machine - Citegraph

Paper Info

Title
POSTER: TraceVirt: A Framework for Detecting the Non-tampering Attacks in the Virtual Machine

Abstract
Building a trustworthy cloud is critical for its practical use. Most current researches usually take integrity measurements using trusted computing to address trust issue, such as integrity measurement architecture (IMA) implemented in Linux kernel. However, some runtime attacks intrude the system while not tampering with the programs, which cannot be detected by integrity mechanism. We call them non-tampering attacks. This paper presents TraceVirt, a framework for detecting these non-tampering attacks, which combines the strong isolation and event-driven capacity to log runtime information. The logging data is processed by remote intrusion analysis cluster to analyze potential attacks. The experimental results show that TraceVirt can detect the real world non-tampering attacks and the performance overhead is acceptable.

Year	DOI	Venue
2014	10.1145/2660267.2662377	ACM Conference on Computer and Communications Security
Keywords	Field	DocType
security and protection,logging,security,virtual machine,cloud,detection	Architecture,Internet privacy,Trusted Computing,Virtual machine,Intrusion,Computer security,Computer science,Trustworthiness,Integrity measurement,Linux kernel,Cloud computing	Conference
Citations	PageRank	References
0	0.34	5
Authors
3

Authors (3 rows)

Cited by (0 rows)

References (5 rows)

Name	Order	Citations	PageRank
Jie Lin	1	1	1.02
Chuanyi Liu	2	26	8.62
Binxing Fang	3	380	88.26

1