POSTER: TraceVirt: A Framework for Detecting the Non-tampering Attacks in the Virtual Machine

机译：海报：TraceVirt：一种检测虚拟机中的非篡改攻击的框架

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Building a trustworthy cloud is critical for its practical use. Most current researches usually take integrity measurements using trusted computing to address trust issue, such as integrity measurement architecture (IMA) implemented in Linux kernel. However, some runtime attacks intrude the system while not tampering with the programs, which cannot be detected by integrity mechanism. We call them non-tampering attacks. This paper presents TraceVirt, a framework for detecting these non-tampering attacks, which combines the strong isolation and event-driven capacity to log runtime information. The logging data is processed by remote intrusion analysis cluster to analyze potential attacks. The experimental results show that TraceVirt can detect the real world non-tampering attacks and the performance overhead is acceptable.

机译：建立一个值得信赖的云对其实际使用至关重要。大多数目前的研究通常使用可信计算来解决信任问题，例如在Linux内核中实现的完整性测量架构（IMA）。然而，一些运行时攻击侵入系统，同时不会篡改程序，程序无法通过完整性机制检测。我们称他们为非篡改攻击。本文介绍了TraceVirt，一种用于检测这些非篡改攻击的框架，它将强度的隔离和事件驱动的容量与日志运行时信息相结合。通过远程入侵分析集群处理日志记录数据以分析潜在攻击。实验结果表明，TraceVirt可以检测真实世界的非篡改攻击，并且性能开销是可接受的。

著录项

来源
《ACM Conference on Computer and Communications Security》|2014年||共3页
会议地点
作者
Jie Lin; Chuanyi Liu; Binxing Fang;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类 TP309-53;
关键词
Measurement; Design; Experimentation; Security; Virtual machine; Cloud; Security; Detection; Logging;

机译：测量;设计;实验;安全;虚拟机;云;安全;检测;记录;

相似文献

外文文献
中文文献
专利

1. An SVM-based framework for detecting DoS attacks in virtualized clouds under changing environment [J] . Adel Abusitta, Martine Bellaiche, Michel Dagenais Journal of Cloud Computing: Advances, Systems and Applications . 2018,第1期

机译：基于SVM的框架，可在变化的环境下检测虚拟化云中的DoS攻击
2. Dynamic State-Based Security Architecture for Detecting Security Attacks in Virtual Machines [J] . Udaya Kiran Tupakula, Vijay Varadharajan The Computer journal . 2012,第4期

机译：基于动态状态的动态安全体系结构，用于检测虚拟机中的安全攻击
3. CyberPulse++: A machine learning-based security framework for detecting link flooding attacks in software defined networks [J] . Raihan ur Rasool, Khandakar Ahmed, Zahid Anwar, International Journal of Intelligent Systems . 2021,第8期

机译：Cyber Pulse ++：一种基于机器学习的安全框架，用于检测软件定义网络中的链路泛洪攻击
4. POSTER: TraceVirt: A Framework for Detecting the Non-tampering Attacks in the Virtual Machine [C] . Jie Lin, Chuanyi Liu, Binxing Fang ACM Conference on Computer and Communications Security . 2014

机译：海报：TraceVirt：一种检测虚拟机中的非篡改攻击的框架
5. Use of Machine Learning in Detecting Network Attacks, Malware and APTs [D] . Gupta, Navneet. 2017

机译：机器学习在检测网络攻击，恶意软件和APT中的用途
6. A virtual trial framework for quantifying the detectability of masses in breast tomosynthesis projection data [O] . Stefano Young, Predrag R. Bakic, Kyle J. Myers, -1

机译：虚拟试验框架用于量化乳房断层合成投影数据中肿块的可检测性
7. An SVM-based framework for detecting DoS attacks in virtualized clouds under changing environment [O] . Adel Abusitta, Martine Bellaiche, Michel Dagenais 2018

机译：基于SVM的框架，用于在更改环境下检测虚拟化云中的DOS攻击

POSTER: TraceVirt: A Framework for Detecting the Non-tampering Attacks in the Virtual Machine

摘要

著录项

相似文献

相关主题

期刊订阅