- Type of Document: M.Sc. Thesis
- Language: Farsi
- Document No: 49165 (19)
- University: Sharif University of Technology
- Department: Computer Engineering
- Advisor(s): Kharrazi, Mehdi
- Abstract:
- Virtualization is a widely used technology that has improved the utilization of hardware resources and made computer management easier. Cloud computing is one of its appealing applications, providing various electronic services to users in the form of virtual machines. A common security threat to virtual machines in cloud services is the vulnerabilities in their programs and operating systems. Attackers can take advantage of these vulnerable machines and abuse them to carry out attacks. Virtual Machine Introspection (VMI) techniques have been proposed and are used by cloud providers; they use the management capabilities of the hypervisor to intercept hardware accesses and observe the internal workings of virtual machines in order to detect intrusions. Memory is one of the important resources that VMI solutions introspect. VMI solutions can either monitor memory accesses in real time or analyse snapshots of memory at periodic intervals. The two approaches differ in the accuracy with which they introspect and analyse virtual machine behavior, as well as in the overhead they impose on the speed of the virtual machines. Providing both accuracy and speed at the same time in VMI solutions is considered an important issue. In this thesis, a real-time VMI technique is proposed that can continuously introspect the internal workings of all programs at a fine-grained granularity. The proposed VMI solution monitors write-instruction accesses to memory and can trace memory changes at this level to analyse the programs' behavior. Although the proposed technique traces the operations of virtual machines at the instruction level, its overhead is low. We also use Memory Deduplication (a mechanism used in hypervisors to improve memory utilization) to introspect and analyse machine states at the same time with the lowest hardware cost. This mechanism enables us to select and trace write operations while requiring minimal modification to hypervisors. We implement and evaluate our solution with Xen, since it is one of the well-known hardware-assisted hypervisors.
- Keywords:
- Virtualization ; Virtual Machine ; Virtual Machine Introspection ; Monitor Programs Behaviour ; Write Instruction