Using OS Design Patterns to Provide Reliability and Security as-a-Service for VM-based Clouds (VEE 2017 - Session 4)

Who

Zachary J. Estrada, Read Sprabery, Lok Yan, Zhongzhi Yu, Roy Campbell, Zbigniew Kalbarczyk, Ravishankar K. Iyer

Track

VEE 2017 Session 4

Time Zone

The program is currently displayed in (GMT) Azores.

Use conference time zone: (GMT) AzoresSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

Save

When

Sun 9 Apr 2017 10:00 - 10:30 at Zhu Que Room - Security Chair(s): Maoni Stephens

Abstract

This paper extends the concepts behind cloud services to offer hypervisor-based reliability and security monitors for cloud virtual machines. Cloud VMs can be heterogeneous and as such guest OS parameters needed for monitoring can vary across different VMs and must be obtained in some way. Past work involves running code inside the VM, which is unacceptable for a cloud environment. We solve this problem by recognizing that there are common OS design patterns that can be used to infer monitoring parameters from the guest OS. We extract information about the cloud user’s guest OS with the user’s existing VM image and knowledge of OS design patterns as the only inputs to analysis. To demonstrate the range of monitoring functionality possible with this technique, we implemented four sample monitors: a guest OS process tracer, an OS hang detector, a return-to-user attack detector, and a process-based keylogger detector.

Zachary J. Estrada

University of Illinois, Rose-Hulman Institute of Technology

Read Sprabery

University of Illinois

Lok Yan

Air Force Research Laboratory

Zhongzhi Yu

University of Illinois

Roy Campbell

University of Illinois

Zbigniew Kalbarczyk

University of Illinois

Ravishankar K. Iyer

University of Illinois

Time Zone

The program is currently displayed in (GMT) Azores.

Use conference time zone: (GMT) AzoresSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

Display full programSpecify a time band

Save

Session Program

Sun 9 Apr
Displayed time zone: Azores change

09:00 - 10:30	SecuritySession 4 at Zhu Que Room Chair(s): Maoni Stephens

09:00 30m Talk		Security analysis of encrypted virtual machines Session 4 Felicitas Hetzelt Technical University of Berlin, Robert Buhren
09:30 30m Talk		RERANZ: A Light-Weight Virtual Machine to Mitigate Memory Disclosure Attacks Session 4 Zhe Wang State Key Laboratory of Computer Architecture, Institute of Computing Technology, Chinese Academy of Sciences, Chenggang Wu Institute of Computing Technology, Chinese Academy of Science, Jianjun Li State Key Laboratory of Computer Architecture, Institute of Computing Technology, Chinese Academy of Sciences, Yuanming Lai State Key Laboratory of Computer Architecture, Institute of Computing Technology, Chinese Academy of Sciences, Xiangyu Zhang Purdue University, Wei-Chung Hsu Dept. Computer Science & Information Engineering, National Taiwan University, Yueqiang Cheng Acetti Software
10:00 30m Talk		Using OS Design Patterns to Provide Reliability and Security as-a-Service for VM-based Clouds Session 4 Zachary J. Estrada University of Illinois, Rose-Hulman Institute of Technology, Read Sprabery University of Illinois, Lok Yan Air Force Research Laboratory, Zhongzhi Yu University of Illinois, Roy Campbell University of Illinois, Zbigniew Kalbarczyk University of Illinois, Ravishankar K. Iyer University of Illinois