Jianhua Che,Qinming He,Qinghua Gao,Dawei Huang

DOI: https://doi.org/10.1109/euc.2008.127

2008-01-01

Abstract:With its growth and wide applications, virtualization has come through a revival in computer system community. Virtualization offers a lot of benefits including flexibility, security, ease to configuration and management, reduction of cost and so forth, but at the same time it also brings a certain degree of performance overhead. Furthermore, virtual machine monitor (VMM) is the core component of virtual machine (VM) system and its effectiveness greatly impacts the performance of whole system. In this paper, we measure and analyze the performance of two open source virtual machine monitors-Xen and KVM using LINPACK, LMbench and IOzone, and provide a quantitative and qualitative comparison of both virtual machine monitors.

Deshi Ye,Qinming He,Hua Chen,Jianhua Che

DOI: https://doi.org/10.1109/euc.2008.42

2008-01-01

Abstract:Virtualization technology becomes more and more important in area of compute science, such as data center and server consolidation. A large number of hypervisors are available to manage the virtualization either on bare hardware or on host operating systems. One of the important task for the designer is to measure and compare the performance overhead of given virtual machines. In this paper, we provide an analytic framework for the performance analyzing either without running a system or in a runnable real system. Meanwhile, analytic performance models that are based on the queue network theory are developed to study the designs of virtual machines. At the end, a case study of the mathematical models is given to illustrate the performance evaluation.

Xiaoguang Wang,Yong Qi,Zhi Wang,Yue Chen,Yajin Zhou

DOI: https://doi.org/10.1109/tdsc.2017.2675991

2019-01-01

Abstract:The OS kernel is critical to the security of a computer system. Many systems have been proposed to improve its security. A fundamental weakness of those systems is that page tables, the data structures that control the memory protection, are not isolated from the vulnerable kernel, and thus subject to tampering. To address that, researchers have relied on virtualization for reliable kernel memory protection. Unfortunately, such memory protection requires to monitor every update to the guest's page tables. This fundamentally conflicts with the recent advances in the hardware virtualization support. In this paper, we propose SecPod, an extensible framework for virtualization-based security systems that can provide both strong isolation and the compatibility with modern hardware. SecPod has two key techniques: paging delegation delegates and audits the kernel's paging operations to a secure space; execution trapping intercepts the (compromised) kernel's attempts to subvert SecPod by misusing privileged instructions. We have implemented a prototype of SecPod based on KVM. Our experiments show that SecPod is both effective and efficient.

Jianhua Che,Qinming He,Kejiang Ye,Dawei Huang

DOI: https://doi.org/10.1007/978-3-642-11842-5_11

2010-01-01

Abstract:As one of pivotal components, the efficiency of virtual machine monitor(VMM) will largely impact the performance of a virtualization system. Therefore, evaluating the performance of VMMs adopting different virtualization technologies becomes more and more important. This paper selects three typical open source VMMs(i.e. OpenVZ, Xen and KVM) as the delegates of operating system-level virtualization, para-virtualization and full-virtualization to evaluate their performance with a combinative method that measures their macro-performance and micro-performance as a black box and analyzes their performance characteristic as a white box. By correlating the analysis results of two-granularity performance data, some potential performance bottlenecks come out.

Chen Wen-Zhi,Zhu Hong-Wei,Huang Wei

DOI: https://doi.org/10.1109/CW.2008.110

2008-01-01

Abstract:The security problem became more severe since the security requirement of different applications may conflict with the others in distributed application or grid computing. Virtualization technology can improvethe system's security, but did not satisfy the requirement of virtual resource sharing and inner-domain communication in distributed services and grid computing. By dividing the virtual resources into sharing virtual resources and normal ones, SeVMM provided secure mechanism for inter-domain communication control, which formed the base of multi-level security control model for virtual machine monitors, operating systems and applications. Case study and application showed that SeVMM improved the system's security without causing significant performance penalty.

Dongyang Zhan,Lin Ye,Hongli Zhang,Binxing Fang,Huhua Li,Yang Liu,Xiaojiang Du,Mohsen Guizani

DOI: https://doi.org/10.48550/arXiv.1804.01633

2018-04-05

Abstract:Cloud-assisted Cognitive Internet of Things has powerful data analytics abilities based on the computing and data storage capabilities of cloud virtual machines, which makes protecting virtual machine filesystem very important for the whole system security. Agentless periodic filesystem monitors are optimal solutions to protect cloud virtual machines because of the secure and low-overhead features. However, most of the periodic monitors usually scan all of the virtual machine filesystem or protected files in every scanning poll, so lots of secure files are scanned again and again even though they are not corrupted. In this paper, we propose a novel agentless periodic filesystem monitor framework for virtual machines with different image formats to improve the performance of agentless periodic monitors. Our core idea is to minimize the scope of the scanning files in both file integrity checking and virus detection. In our monitor, if a file is considered secure, it will not be scanned when it has not been modified. Since our monitor only scans the newly created and modified files, it can check fewer files than other filesystem monitors. To that end, we propose two monitor methods for different types of virtual machine disks to reduce the number of scanning files. For virtual machine with single disk image, we hook the backend driver to capture the disk modification information. For virtual machine with multiple copy-onwrite images, we leverage the copy-on-write feature of QCOW2 images to achieve the disk modification analysis. In addition, our system can restore and remove the corrupted files. The experimental results show that our system is effective for both Windows and Linux virtual machines with different image formats and can reduce the number of scanning files and scanning time.

Cryptography and Security

K. Suzaki,R. Ando,Kazushi Takahashi

DOI: https://doi.org/10.22667/JOWUA.2012.03.31.120

Abstract:Leveraging hypervisor for security purpose such as malware analysis has been well researched. There still remain two challenges for analyzing security incidents on virtual machine: real-time monitoring and semantic gap. First, current active monitoring methods need to be improved for real-time protection of virtual machine. Second, semantic gap between virtual machine and hypervisor poses a significant impediment on security analyst. In this paper, we propose an inter-domain communication protocol for real-time monitoring of virtual machine and bridging semantic gap. We have deployed the inter-domain communication module between a guest Windows OS and a hypervisor in two ways. While the one is a register based transfer using vCPU context, the other is a shared memory based communication. Our protocol is event driven, which makes the proposed system enable to monitor the file access of a guest Windows OS in real-time without suspending it. We have implemented our system on XEN virtual machine monitor and KVM (Kernel Virtual Machine). We have measured the resource utilization of these two systems in the case of decompressing files and receiving HTTP requests. On the guest OS, the KVM based system outperforms the processor idle time by about 30-50% in decompressing file and the memory usage by about 35% in receiving HTTP requests. We conclude that our system can monitor file access inside virtual machine without suspension and also with reasonable resource usage.

Computer Science

Haoxiang Huang,Jianbiao Zhang,Lei Zhang,Jun Hu,YiHao Cao

DOI: https://doi.org/10.1016/j.cose.2023.103648

IF: 5.105

2023-12-11

Computers & Security

Abstract:In the cloud environment, the virtual computing node has become the dominant form of cloud services used by users. Hence, it is increasingly critical to guarantee the trusted operation of the virtual computing node's operating system (VCNOS). However, previous schemes suffer a lot, such as insufficient consideration of the comprehensive of the measured objects, ignoring the dynamic of trusted, and the trusted measurement mechanisms rarely consider their security. Thus, a three-dimensional dynamic trusted measurement model SABDTM, which integrates the integrity measurement of kernel static data, trusted evaluation of operating system behavior (OSB), and the feedback trust of interacting nodes, is proposed. First, SABDTM divided OSB into multiple atomic behaviors and introduced the Bayesian decision theory to predict trusted expectations of OSBs. Second, the feedback trust of interacting nodes is considered to improve the comprehensiveness of the trusted measurement and evaluate its value based on the Euclidean distance function to reduce the impact of inaccurate feedback from malicious nodes. Subsequently, we set the appropriate weight for trusted measurement values of different moments based on Induced Ordered Weighted Averaging to accurately portray the actual state of VCNOS. Moreover, we designed a lightweight and independent subsystem to perform the trusted measurement, which guarantees the security of the measurement service. The security of our model is proved rigorously based on the non-interference theory. Finally, the experiments and comparative analysis demonstrated our model has better functionality and superiority.

computer science, information systems

Siqin Zhao,Kang Chen,Weimin Zheng

DOI: https://doi.org/10.1109/ChinaGrid.2009.45

2009-01-01

Abstract:It is very important to protect critical resources such as private data and code in computer systems. It is promising to protect private data and to improve the system security by leveraging the isolation attribute of virtual machine(VM). The isolation attribute of VM is provided by Virtual Machine Monitor (VMM) that runs in higher priority than guest OSes. If the critical components are isolated in VMs,access control can be enforced or attestation can be made when the subject is accessing via VMs. In this way, VMs can improve the security level of critical components such as OS, kernel, data, and applications. For computer system security, VMs can be used to detect malware intrusions and to protect critical components, which can be implemented by integrating detection or protection mechanism in either VMM or VMs. Authentication is required to create trustful VMs. This paper surveys technologies related of using virtual machines to enhance system security.

Francesco Gadaleta,Raoul Strackx,Nick Nikiforakis,Frank Piessens,Wouter Joosen

DOI: https://doi.org/10.48550/arXiv.1405.6058

2014-05-22

Abstract:Protecting commodity operating systems and applications against malware and targeted attacks has proven to be difficult. In recent years, virtualization has received attention from security researchers who utilize it to harden existing systems and provide strong security guarantees. This has lead to interesting use cases such as cloud computing where possibly sensitive data is processed on remote, third party systems. The migration and processing of data in remote servers, poses new technical and legal questions, such as which security measures should be taken to protect this data or how can it be proven that execution of code wasn't tampered with. In this paper we focus on technological aspects. We discuss the various possibilities of security within the virtualization layer and we use as a case study \HelloRootkitty{}, a lightweight invariance-enforcing framework which allows an operating system to recover from kernel-level attacks. In addition to \HelloRootkitty{}, we also explore the use of special hardware chips as a way of further protecting and guaranteeing the integrity of a virtualized system.

Cryptography and Security

Fengwei Zhang,Jiang Wang,Kun Sun,Angelos Stavrou

DOI: https://doi.org/10.1109/tdsc.2013.53

2014-07-01

IEEE Transactions on Dependable and Secure Computing

Abstract:The advent of cloud computing and inexpensive multi-core desktop architectures has led to the widespread adoption of virtualization technologies. Furthermore, security researchers embraced virtual machine monitors (VMMs) as a new mechanism to guarantee deep isolation of untrusted software components, which, coupled with their popularity, promoted VMMs as a prime target for exploitation. In this paper, we present HyperCheck, a hardware-assisted tampering detection framework designed to protect the integrity of hypervisors and operating systems. Our approach leverages System Management Mode (SMM), a CPU mode in ×86 architecture, to transparently and securely acquire and transmit the full state of a protected machine to a remote server. We have implement two prototypes based on our framework design: HyperCheck-I and HyperCheck-II, that vary in their security assumptions and OS code dependence. In our experiments, we are able to identify rootkits that target the integrity of both hypervisors and operating systems. We show that HyperCheck can defend against attacks that attempt to evade our system. In terms of performance, we measured that HyperCheck can communicate the entire static code of Xen hypervisor and CPU register states in less than 90 million CPU cycles, or 90 ms on a 1 GHz CPU.

computer science, information systems, software engineering, hardware & architecture

A. Gomez Ramirez,M. Martinez Pedreira,C. Grigoras,L. Betev,C. Lara,U. Kebschull

DOI: https://doi.org/10.1088/1742-6596/898/10/102004

2017-04-16

Abstract:High Energy Physics (HEP) distributed computing infrastructures require automatic tools to monitor, analyze and react to potential security incidents. These tools should collect and inspect data such as resource consumption, logs and sequence of system calls for detecting anomalies that indicate the presence of a malicious agent. They should also be able to perform automated reactions to attacks without administrator intervention. We describe a novel framework that accomplishes these requirements, with a proof of concept implementation for the ALICE experiment at CERN. We show how we achieve a fully virtualized environment that improves the security by isolating services and Jobs without a significant performance impact. We also describe a collected dataset for Machine Learning based Intrusion Prevention and Detection Systems on Grid computing. This dataset is composed of resource consumption measurements (such as CPU, RAM and network traffic), logfiles from operating system services, and system call data collected from production Jobs running in an ALICE Grid test site and a big set of malware. This malware was collected from security research sites. Based on this dataset, we will proceed to develop Machine Learning algorithms able to detect malicious Jobs.

Distributed, Parallel, and Cluster Computing,Artificial Intelligence,Cryptography and Security,High Energy Physics - Experiment

Kejiang Ye,Jianhua Che,Xiaohong Jiang,Jianhai Chen,Xing Li

DOI: https://doi.org/10.1109/chinagrid.2010.12

2010-01-01

Abstract:Virtualization technology has attracted wide attention in recent years as a method to improve resource utilization, reduce costs, and ease server management. However, the performance penalty resulting from virtualization is an unneglectable problem and should be carefully evaluated. To our knowledge, there are few performance evaluating tools developed for virtualization environments. We propose a configurable framework and implement a prototype vTestkit to provide a platform to do performance evaluation for virtualization environments easily, flexibly, and automatically. In this paper, we first discuss the requirements and challenges of performance measurement in virtualization environments, and then present a methodology for characterizing the performance of single virtual machine (VM) scenario and multi-VM scenario. Then we introduce the architecture of vTestkit framework, implement details, and the testing process with vTestkit. Finally, three typical case studies are presented to show that vTestkit can meet the complex testing requirements well and is propitious to various scenarios.

Benshan Mei,Saisai Xia,Wenhao Wang,Dongdai Lin

2024-07-18

Abstract:Confidential computing safeguards sensitive computations from untrusted clouds, with Confidential Virtual Machines (CVMs) providing a secure environment for guest OS. However, CVMs often come with large and vulnerable operating system kernels, making them susceptible to attacks exploiting kernel weaknesses. The imprecise control over the read/write access in the page table has allowed attackers to exploit vulnerabilities. The lack of security hierarchy leads to insufficient separation between untrusted applications and guest OS, making the kernel susceptible to direct threats from untrusted programs. This study proposes Cabin, an isolated execution framework within guest VM utilizing the latest AMD SEV-SNP technology. Cabin shields untrusted processes to the user space of a lower virtual machine privilege level (VMPL) by introducing a proxy-kernel between the confined processes and the guest OS. Furthermore, we propose execution protection mechanisms based on fine-gained control of VMPL privilege for vulnerable programs and the proxy-kernel to minimize the attack surface. We introduce asynchronous forwarding mechanism and anonymous memory management to reduce the performance impact. The evaluation results show that the Cabin framework incurs a modest overhead (5% on average) on Nbench and WolfSSL benchmarks.

Cryptography and Security

赵阳,刘明芳,林曦君

DOI: https://doi.org/10.3969/j.issn.1671-0428.2013.03.004

IF: 5.105

2013-01-01

Computers & Security

Abstract:With the development of cloud computing, virtualization technology, interaction in virtual machines on the same physical host also encounters hitherto unknown security problem. This paper is based on trusted computing, using shared memory mechanism based on KVM, applies dedicated security trusted pipeline, and uses trusted measurement to verify the authenticity and reliability of two virtual machines. By encrypting memory pseudo address, it isolates other virtual machine except the interaction of the two sides, and guarantees the information trusted and security during the communication process. At last, we analyze and summarize the method.

Kejiang Ye,Xiaohong Jiang,Siding Chen,Dawei Huang,Bei Wang

DOI: https://doi.org/10.1109/HPCC.2010.79

2010-01-01

Abstract:Virtualization technology is currently widely used due to its benefits on high resource utilization, flexible manageability and powerful system security. However, its use for high performance computing (HPC) is still not popular due to the unclearness of the virtualization overheads. It's worthy to evaluate the virtualization cost and to find the performance bottleneck when running HPC applications in virtual cluster. We first evaluate the basic performance overheads due to virtualization. Then we create a 16-node virtual cluster and perform a performance evaluation for both para-virtualization and full virtualization. After that, we evaluate the MPI (Message Passing Interface) scalability to investigate the impact of MPI and network communication between virtual machines. In addition to the macro assessment, we use the Oprofile/Xenoprof to investigate the architecture characterization like CPU cycle, L2 cache misses, DTLB misses and ITLB misses which is an auxiliary explanation to the performance bottleneck. Experimental results indicate that performance overheads of virtualization are acceptable for HPC, para-virtualization is very suitable for HPC due to the high virtualization efficiency and efficient inter-domain communication. Finally, we use the non-linear regression modeling technology to present a performance model for network latency and bandwidth to predict the performance in virtual cluster environment.

Xiaolin Wang,Yan Sang,Yi Liu,Yingwei Luo

DOI: https://doi.org/10.1007/978-94-007-2105-0_31

2011-01-01

Abstract:With the development of virtualization technology, some security problems have appeared. Researchers begin to suspect the security of virtualized environment and consider how to evaluate the security degree of virtualized environment. But there are not uniform virtualized environment security evaluation criteria at present. In this paper, we analyze the security problem in virtualized environment and present our virtualized environment security evaluation criteria. We take a further research on support technology and authentication method. First, we introduce the background of the problem. Next, we summarize the related work. After that we present our virtualized environment security evaluation criteria and introduce our work on support technology and authentication method. For support technology, we propose some safety guarantee technology for each security level. For authentication method, we give some ideas for the evaluation of each security level.

Kejiang Ye,Zhaohui Wu,Bing Bing Zhou,Xiaohong Jiang,Chen Wang,Albert Y. Zomaya

DOI: https://doi.org/10.1109/MIC.2013.104

IF: 2.68

2014-01-01

IEEE Internet Computing

Abstract:Modern cloud computing environments often use virtualization technology to implement resource sharing. However, virtualization incurs performance overheads due to the additional hypervisor layer placed between virtual machines (VMs) and hardware resources. Understanding VM performance is crucial for running applications efficiently and for further improving VM techniques. Unfortunately, existing b...

YANG Feng,JIANG Hui,ZHUGE Jian-wei,DUAN Hai-xin

DOI: https://doi.org/10.3969/j.issn.1000-1220.2012.08.040

2012-01-01

Abstract:Due to the advantages of resources utilization,management and isolation,Virtualization Technology has been widely used in the areas of virtual server,malware analysis and cloud computing platform.The malicious code writers and security researchers start a new game in Virtualization Technology,and how to detect the presence of virtual environments becomes a hot research topic.This paper,introduces the significance of Virtual Machine Environment(VME) Detection Methods,uses examples to describe the principles and methods of local and remote VME detection,makes a summary of VME Detection Methods,indicates the direction of Virtualization transparency,analyses and discusses the future trend.

Sakshi Chhabra,Ashutosh Kumar Singh

DOI: https://doi.org/10.48550/arXiv.2212.05319

2022-12-10

Abstract:The core of the computer business now offers subscription-based on-demand services with the help of cloud computing. We may now share resources among multiple users by using virtualization, which creates a virtual instance of a computer system running in an abstracted hardware layer. It provides infinite computing capabilities through its massive cloud datacenters, in contrast to early distributed computing models, and has been incredibly popular in recent years because to its continually growing infrastructure, user base, and hosted data volume. This article suggests a conceptual framework for a workload management paradigm in cloud settings that is both safe and performance-efficient. A resource management unit is used in this paradigm for energy and performing virtual machine allocation with efficiency, assuring the safe execution of users' applications, and protecting against data breaches brought on by unauthorised virtual machine access real-time. A secure virtual machine management unit controls the resource management unit and is created to produce data on unlawful access or intercommunication. Additionally, a workload analyzer unit works simultaneously to estimate resource consumption data to help the resource management unit be more effective during virtual machine allocation. The suggested model functions differently to effectively serve the same objective, including data encryption and decryption prior to transfer, usage of trust access mechanism to prevent unauthorised access to virtual machines, which creates extra computational cost overhead.

Distributed, Parallel, and Cluster Computing,Artificial Intelligence