Issue No.05 - September/October (2008 vol.6)
Kara Nance , University of Alaska, Fairbanks
Matt Bishop , University of California, Davis
Brian Hay , University of Alaska, Fairbanks
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2008.134
As virtualization becomes increasingly mainstream, virtual machine introspection techniques and tools are evolving to provide methods to monitor the behavior of virtual machines. This survey classifies and describes current VMI introspection technologies according to three primary classifications: threat monitoring versus interference, semantic awareness, and event replay. The authors also describe the Virtual Introspection for Xen (VIX) tool suite, which was developed to address key VMI requirements, and outline key research areas for future investigation.
virtual machine monitoring, virtual machine introspection, intrusion monitoring, attack analysis
Kara Nance, Matt Bishop, Brian Hay, "Virtual Machine Introspection: Observation or Interference?", IEEE Security & Privacy, vol.6, no. 5, pp. 32-37, September/October 2008, doi:10.1109/MSP.2008.134