VM introspection-based allowlisting for IaaS

Farah Fargo, Olivier Franza, Cihan Tunc, Salim Hariri

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Cloud computing has become the main backend of the IT infrastructure as it provides ubiquitous and on-demand computing to serve to a wide range of users including end-users and high-performance demanding agencies. The users can allocate and free resources allocated for their Virtual Machines (VMs) as needed. However, with the rapid growth of interest in cloud computing systems, several issues have arisen especially in the domain of cybersecurity. It is a known fact that not only the malicious users can freely allocate VMs, but also they can infect victims' VMs to run their own tools that include cryptocurrency mining, ransomware, or cyberattacks against others. Even though there exist intrusion detection systems (IDS), running an IDS on every VM can be a costly process and it would require fine configuration that only a small subset of the cloud users are knowledgeable about. Therefore, to overcome this challenge, in this paper we present a VM introspection based allowlisting method to be deployed and managed directly by the cloud providers to check if there are any malicious software running on the VMs with minimum user intervention. Our middleware monitors the processes and if it detects unknown events, it will notify the users and/or can take action as needed.

Original languageEnglish (US)
Title of host publication2020 7th International Conference on Internet of Things
Subtitle of host publicationSystems, Management and Security, IOTSMS 2020
EditorsLarbi Boubchir, Elhadj Benkhelifa, Yaser Jararweh, Imad Saleh
PublisherInstitute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)9780738124605
DOIs
StatePublished - Dec 14 2020
Event7th International Conference on Internet of Things: Systems, Management and Security, IOTSMS 2020 - Virtual, Paris, France
Duration: Dec 14 2020Dec 16 2020

Publication series

Name2020 7th International Conference on Internet of Things: Systems, Management and Security, IOTSMS 2020

Conference

Conference7th International Conference on Internet of Things: Systems, Management and Security, IOTSMS 2020
CountryFrance
CityVirtual, Paris
Period12/14/2012/16/20

Keywords

  • Cloud attacks
  • Cloud computing
  • IaaS
  • Infrastructure as a service
  • Virtual machine introspection VMI

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications
  • Computer Science Applications
  • Information Systems and Management
  • Energy Engineering and Power Technology

Fingerprint Dive into the research topics of 'VM introspection-based allowlisting for IaaS'. Together they form a unique fingerprint.

Cite this