NDLI: A formal model for virtual machine introspection

Please wait, while we are loading the content...

A formal model for virtual machine introspection

The cake is a lie: privilege rings as a policy resource

Emulating emulation-resistant malware

Application containers without virtual machines

TimeCapsule: secure recording of accesses to a protected datastore

Availability-sensitive intrusion recovery

A formal model for virtual machine introspection

Content Provider	ACM Digital Library
Author	Eckert, Claudia Pfoh, Jonas Schneider, Christian
Abstract	Virtual machine introspection (VMI) describes the method of monitoring and analyzing the state of a virtual machine from the hypervisor level. In this paper, we present a formal discussion of the development of VMI-based security applications. We begin by identifying three major challenges that all VMI-based security applications must overcome. The main contribution of our work is the definition of a formal model for describing VMI techniques. This model is broken down in such a way that allows for thorough discussion of any VMI approach with regard to each of the three challenges. Then, we specify three design patterns for interpreting state information using our model. We argue that these patterns are complete, that is, they cover all possible methods for state interpretation. The properties of all patterns are thoroughly discussed so that the pros and cons of their application may be fully understood. Finally, we describe and discuss an ideal VMI-based intrusion detection system using our model and begin to detail the practical implications in building such a system.
Starting Page	1
Ending Page	10
Page Count	10
File Format	PDF
ISBN	9781605587806
DOI	10.1145/1655148.1655150
Language	English
Publisher	Association for Computing Machinery (ACM)
Publisher Date	2009-11-09
Publisher Place	New York
Access Restriction	Subscribed
Subject Keyword	Intrusion detection Formalization Introspection Security Virtualization
Content Type	Text
Resource Type	Article

Central Library (ISO-9001:2015 Certified)
Indian Institute of Technology Kharagpur
Kharagpur, West Bengal, India | PIN - 721302

See location in the Map
03222 282435
Mail: support@ndl.gov.in

Sl.	Authority	Responsibilities	Communication Details
1	Ministry of Education (GoI), Department of Higher Education	Sanctioning Authority	https://www.education.gov.in/ict-initiatives
2	Indian Institute of Technology Kharagpur	Host Institute of the Project: The host institute of the project is responsible for providing infrastructure support and hosting the project	https://www.iitkgp.ac.in
3	National Digital Library of India Office, Indian Institute of Technology Kharagpur	The administrative and infrastructural headquarters of the project	Dr. B. Sutradhar bsutra@ndl.gov.in
4	Project PI / Joint PI	Principal Investigator and Joint Principal Investigators of the project	Dr. B. Sutradhar bsutra@ndl.gov.in Prof. Saswat Chakrabarti will be added soon
5	Website/Portal (Helpdesk)	Queries regarding NDLI and its services	support@ndl.gov.in
6	Contents and Copyright Issues	Queries related to content curation and copyright issues	content@ndl.gov.in
7	National Digital Library of India Club (NDLI Club)	Queries related to NDLI Club formation, support, user awareness program, seminar/symposium, collaboration, social media, promotion, and outreach	clubsupport@ndl.gov.in
8	Digital Preservation Centre (DPC)	Assistance with digitizing and archiving copyright-free printed books	dpc@ndl.gov.in
9	IDR Setup or Support	Queries related to establishment and support of Institutional Digital Repository (IDR) and IDR workshops	idr@ndl.gov.in