CloudVMI: A Cloud-Oriented Writable Virtual Machine Introspection
IoT generates considerable amounts of data, which often requires leveraging cloud computing to effectively scale the costs of transferring and computing these data. The concern regarding cloud security is more severe because many devices are connected to the cloud. It is important to automatically m...
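Main Authors: | Weizhong Qiang, Gongping Xu, Weiqi Dai, Deqing Zou, Hai Jin |
---|---|
Format: | Article |
Language: | English |
Published: | IEEE, 2017-01-01 |
Series: | IEEE Access |
Subjects: | Virtual machine introspection; cloud management; security monitoring |
Online Access: | https://ieeexplore.ieee.org/document/8055541/ |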
id |
doaj-a30b97afc6b24e319f2d87ddbab3c836 |
---|---|
record_format |
Article |
spelling |
Record: doaj-a30b97afc6b24e319f2d87ddbab3c836, 2021-03-29T19:56:58Z, eng
Publisher: IEEE
Journal: IEEE Access, ISSN 2169-3536, 2017-01-01, vol. 5, pp. 21962-21976
DOI: 10.1109/ACCESS.2017.2758356
Article number: 8055541
Title: CloudVMI: A Cloud-Oriented Writable Virtual Machine Introspection
Authors: Weizhong Qiang (https://orcid.org/0000-0003-4390-3819), Gongping Xu, Weiqi Dai, Deqing Zou, Hai Jin
Affiliation (all five authors): Services Computing Technology and System Lab, Cluster and Grid Computing Lab, Big Data Technology and System Lab, School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, China
Abstract: IoT generates considerable amounts of data, which often requires leveraging cloud computing to effectively scale the costs of transferring and computing these data. The concern regarding cloud security is more severe because many devices are connected to the cloud. It is important to automatically monitor and control these resources and services to efficiently and securely deliver cloud computing. The writable virtual machine introspection (VMI) technique can not only detect the runtime state of a guest VM from the outside but also update the state from the outside without any need for administrator efforts. Thus, the writable VMI technique can provide the benefit of high automation, which is helpful for automated cloud management. However, the existing writable VMI technique produces high overhead, fails to monitor the VMs distributed on different host nodes, and fails to monitor multiple VMs with heterogeneous guest OSes within a cloud; therefore, it cannot be applied for automated and centralized cloud management. In this paper, we present CloudVMI, which is a writable and crossnode monitoring VMI framework that can overcome the aforementioned issues. CloudVMI solves the semantic gap problem by redirecting the critical execution of system calls issued by the VMI program into the monitored VM. It has strong practicability by allowing one introspection program to inspect heterogeneous guest OSes and to monitor VMs distributed on remote host nodes. Thus, CloudVMI can be directly applied for automated and centralized cloud management. Moreover, we implement some defensive measures to secure CloudVMI itself. To highlight the writable capability and practical usefulness of CloudVMI, we implement four applications based on CloudVMI. CloudVMI is designed, implemented, and systematically evaluated. The experimental results demonstrate that CloudVMI is effective and practical for cloud management and that its performance overhead is acceptable compared with existing VMI systems.
URL: https://ieeexplore.ieee.org/document/8055541/
Keywords: Virtual machine introspection; cloud management; security monitoring |
collection |
DOAJ |
sources |
DOAJ |
author |
Weizhong Qiang Gongping Xu Weiqi Dai Deqing Zou Hai Jin |
issn |
2169-3536 |
topic |
Virtual machine introspection cloud management security monitoring |