2010 Third International Symposium on Information Processing (2008)
May 23, 2008 to May 25, 2008
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ISIP.2008.28
Isolation execution is an effective mechanism that has been applied to protect the computers against the unknown attacks from the Internet. However, previous isolation solutions cannot achieve both the OS isolation and the reusage of existing software environment. In this paper, we present a new isolated execution approach called Aquarius for accessing the Internet safely. Besides fulfilling the OS isolation based on a hosted virtual machine (VM), Aquarius provides other two key features. One is that it can reuse the preinstalled software of the host OS. Another is that Aquarius faithfully reproduces the behavior of the Internet-accessing applications via providing transparent Internet accesses, as if they were directly connected to the Internet. Functional evaluation results illustrate the effectiveness of our approach, and performance evaluation results show that compute-intensive benchmarks run essentially at native speed on Aquarius VM, reaching 95.82-99.59% while network transmitting achieves 87.94% of the native network speed.
intrusion tolerant, virtual machine, local-booting technology
Yan Wen, Jinjing Zhao, Huaimin Wang, "A Novel Intrusion-Tolerant Approach for Internet Access", 2010 Third International Symposium on Information Processing, vol. 00, no. , pp. 485-489, 2008, doi:10.1109/ISIP.2008.28