This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
2012 IEEE Fifth International Conference on Cloud Computing
Maitland: Lighter-Weight VM Introspection to Support Cyber-security in the Cloud
Honolulu, HI, USA USA
June 24-June 29
ISBN: 978-1-4673-2892-0
Despite defensive advances, malicious software (malware) remains an ever present cyber-security threat. Cloud environments are far from malware immune, in that: i) they innately support the execution of remotely supplied code, and ii) escaping their virtual machine (VM) confines has proven relatively easy to achieve in practice. The growing interest in clouds by industries and governments is also creating a core need to be able to formally address cloud security and privacy issues. VM introspection provides one of the core cyber-security tools for analyzing the run-time behaviors of code. Traditionally, introspection approaches have required close integration with the underlying hypervisors and substantial re-engineering when OS updates and patches are applied. Such heavy-weight introspection techniques, therefore, are too invasive to fit well within modern commercial clouds. Instead, lighter-weight introspection techniques are required that provide the same levels of within-VM observability but without the tight hypervisor and OS patch-level integration. This work introduces Maitland as a prototype proof-of-concept implementation a lighter-weight introspection tool, which exploits paravirtualization to meet these end-goals. The work assesses Maitland's performance, highlights its use to perform packer-independent malware detection, and assesses whether, with further optimizations, Maitland could provide a viable approach for introspection in commercial clouds.
Index Terms:
Malware,Kernel,Virtual machine monitors,Encryption,VM introspection,clouds,malware
Citation:
Chris Benninger, Stephen W. Neville, Yagiz Onat Yazir, Chris Matthews, Yvonne Coady, "Maitland: Lighter-Weight VM Introspection to Support Cyber-security in the Cloud," cloud, pp.471-478, 2012 IEEE Fifth International Conference on Cloud Computing, 2012
Usage of this product signifies your acceptance of the Terms of Use.