BlockTapping: An Online Transparent Integrity Checker for Virtual Storage

Haifeng Fang

doi:10.1109/ICPADS.2011.34

I
ICPADS
2011
2011 IEEE 17th International Conference on Parallel and Distributed Systems
Abstract - BlockTapping: An Online Transparent Integrity Checker for Virtual Storage

	This Article
	Subscribers, please Login Purchase article: $19 PDF RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/EndNote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Haifeng Fang

2011 IEEE 17th International Conference on Parallel and Distributed Systems

BlockTapping: An Online Transparent Integrity Checker for Virtual Storage

Tainan, Taiwan

December 07-December 09

ISBN: 978-0-7695-4576-9

	ASCII Text	x
	Haifeng Fang, "BlockTapping: An Online Transparent Integrity Checker for Virtual Storage," Parallel and Distributed Systems, International Conference on, pp. 610-617, 2011 IEEE 17th International Conference on Parallel and Distributed Systems, 2011.

	BibTex	x
	@article{ 10.1109/ICPADS.2011.34, author = {Haifeng Fang}, title = {BlockTapping: An Online Transparent Integrity Checker for Virtual Storage}, journal ={Parallel and Distributed Systems, International Conference on}, volume = {0}, year = {2011}, issn = {1521-9097}, pages = {610-617}, doi = {http://doi.ieeecomputersociety.org/10.1109/ICPADS.2011.34}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Parallel and Distributed Systems, International Conference on TI - BlockTapping: An Online Transparent Integrity Checker for Virtual Storage SN - 1521-9097 SP610 EP617 A1 - Haifeng Fang, PY - 2011 KW - Virtual Storage KW - Data Integrity KW - Transparent Detection VL - 0 JA - Parallel and Distributed Systems, International Conference on ER -

Haifeng Fang

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ICPADS.2011.34

The integrity of virtual storage has become a very important issue in the virtual computing environment (like Xen-based computing platform). Current integrity detection systems have some disadvantages, for example, they cannot protect themselves well or the dependence between the detection results and the target system is high. We refer to the problem as lack of transparency. This paper presents a novel online integrity checker, Block Tapping, which ensures its security benefiting from the isolation property of virtual machine. Block tapping monitors the block-level data streams transparently through block-to-file semantic-translation at the virtual block device layer. Based on the self-described information of virtual storages, Block Tapping detects the file-level malicious behaviors independent of the internal state of the compromised virtual machine. Experiments show that the prototype system successfully captures 13 typical user-mode root kit attacks against virtual storage, and the performance overhead is acceptable.

Index Terms:

Virtual Storage, Data Integrity, Transparent Detection

Citation:

Haifeng Fang, "BlockTapping: An Online Transparent Integrity Checker for Virtual Storage," icpads, pp.610-617, 2011 IEEE 17th International Conference on Parallel and Distributed Systems, 2011

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.