
An agentless monitoring method for virtual machine processes (cited by: 4)
Abstract: To address the problem of monitoring tenant virtual machine state in cloud environments, a virtual machine monitoring technique based on real-time online analysis of virtual machine memory is proposed. Using the high privilege level of the virtualization layer, the physical memory of a virtual machine can be obtained transparently and in real time from outside the virtual machine. A physical memory parsing mechanism from the field of memory forensics is introduced to analyze important kernel data structures in virtual machine memory online in the virtualization layer. This yields semantic knowledge of virtual machine memory, effectively bridges the semantic gap between the virtual machine and the virtualization layer, and enables fine-grained monitoring of virtual machine state information. Because the monitoring code runs in the higher-privileged virtualization layer, outside the monitored virtual machine and isolated from code inside it by the virtualization mechanism, no monitoring agent needs to be deployed in the user's virtual machine. Malicious code inside the virtual machine therefore cannot bypass or damage the security monitoring code, which improves the transparency and security of the method. Experimental results show that the method can provide a virtual machine monitoring service to tenants in agentless mode with low overhead.

Authors: Yin Xueyuan (尹学渊); Chen Xingshu (陈兴蜀); Tao Shusong (陶术松); Chen Lin (陈林) (College of Computer Science, Sichuan University, Chengdu, 610065, China; Cybersecurity Research Institute, Sichuan University, Chengdu, 610065, China; HIFIVE Technology Co., Ltd, Chengdu, 610065, China)

Source: Journal of Nanjing University (Natural Science) (《南京大学学报(自然科学版)》), indexed in CAS, CSCD and the PKU Core list; 2019, No. 2, pp. 221-230 (10 pages)

Funding: National Key Technology R&D Program of China (2012BAH18B05); National Natural Science Foundation of China (61272447)

Keywords: virtual machine monitoring; memory analysis; semantic analysis; agentless