Securing KVM-based cloud systems via virtualization introspection | NCCU Academic Hub

學術產出-Proceedings

Article View/Open

html(791)

Publication Export

Google Scholar^TM

政大圖書館

學術資源探索系統

Citation Infomation

Simple Record
Full Record

題名	Securing KVM-based cloud systems via virtualization introspection
作者	Lee, Sheng Wei;Yu, Fang 郁方
貢獻者	資管系
關鍵詞	Artificial intelligence; Ecosystems; Linux; Program processors; Systems science; Artificial intelligence techniques; Cloud structure; Computing ecosystems; Decision rules; Malicious attack; Software defects; Virtual machines; Virtualizations; Virtual reality
日期	2014-02
上傳時間	16-Jun-2015 15:55:03 (UTC+8)
摘要	Linux Kernel Virtual Machine (KVM) is one of the most commonly deployed hypervisor drivers in the IaaS layer of cloud computing ecosystems. The hypervisor provides a full-virtualization environment that intends to virtualize as much hardware and systems as possible, including CPUs, network interfaces and chipsets. With KVM, heterogeneous operating systems can be installed in Virtual Machines (VMs) in an homogeneous environment. However, it has been shown that various breaches due to software defects may cause damages on such a cloud ecosystem. We propose a new Virtualization Introspection System (VIS) to protect the host as well as VMs running on a KVM-based cloud structure from malicious attacks. VIS detects and intercepts attacks from VMs by collecting their static and dynamic status. We then replay the attacks on VMs and leverage artificial intelligence techniques to derive effective decision rules with unsupervised learning nature. The preliminary result shows the promise of the presented approach against several modern attacks on CVE-based vulnerabilities. © 2014 IEEE.
關聯	Proceedings of the Annual Hawaii International Conference on System Sciences, 2014, 論文編號 6759220, Pages 5028-5037, 47th Hawaii International Conference on System Sciences, HICSS 2014; Waikoloa, HI; United States; 6 January 2014 到 9 January 2014; 類別編號E2504; 代碼 105660
資料類型	conference
DOI	http://dx.doi.org/10.1109/HICSS.2014.617

dc.contributor	資管系
dc.creator (作者)	Lee, Sheng Wei;Yu, Fang
dc.creator (作者)	郁方	zh_TW
dc.date (日期)	2014-02
dc.date.accessioned	16-Jun-2015 15:55:03 (UTC+8)	-
dc.date.available	16-Jun-2015 15:55:03 (UTC+8)	-
dc.date.issued (上傳時間)	16-Jun-2015 15:55:03 (UTC+8)	-
dc.identifier.uri (URI)	http://nccur.lib.nccu.edu.tw/handle/140.119/75843	-
dc.description.abstract (摘要)	Linux Kernel Virtual Machine (KVM) is one of the most commonly deployed hypervisor drivers in the IaaS layer of cloud computing ecosystems. The hypervisor provides a full-virtualization environment that intends to virtualize as much hardware and systems as possible, including CPUs, network interfaces and chipsets. With KVM, heterogeneous operating systems can be installed in Virtual Machines (VMs) in an homogeneous environment. However, it has been shown that various breaches due to software defects may cause damages on such a cloud ecosystem. We propose a new Virtualization Introspection System (VIS) to protect the host as well as VMs running on a KVM-based cloud structure from malicious attacks. VIS detects and intercepts attacks from VMs by collecting their static and dynamic status. We then replay the attacks on VMs and leverage artificial intelligence techniques to derive effective decision rules with unsupervised learning nature. The preliminary result shows the promise of the presented approach against several modern attacks on CVE-based vulnerabilities. © 2014 IEEE.
dc.format.extent	176 bytes	-
dc.format.mimetype	text/html	-
dc.relation (關聯)	Proceedings of the Annual Hawaii International Conference on System Sciences, 2014, 論文編號 6759220, Pages 5028-5037, 47th Hawaii International Conference on System Sciences, HICSS 2014; Waikoloa, HI; United States; 6 January 2014 到 9 January 2014; 類別編號E2504; 代碼 105660
dc.subject (關鍵詞)	Artificial intelligence; Ecosystems; Linux; Program processors; Systems science; Artificial intelligence techniques; Cloud structure; Computing ecosystems; Decision rules; Malicious attack; Software defects; Virtual machines; Virtualizations; Virtual reality
dc.title (題名)	Securing KVM-based cloud systems via virtualization introspection
dc.type (資料類型)	conference	en
dc.identifier.doi (DOI)	10.1109/HICSS.2014.617
dc.doi.uri (DOI)	http://dx.doi.org/10.1109/HICSS.2014.617