TVGuarder: A Trace-Enable Virtualization Protection Framework against Insider Threats for IaaS Environments


Li Lin, Shuang Li, Bo Li, Jing Zhan, Yong Zhao
Copyright: © 2016 | Volume: 8 | Issue: 4 | Pages: 20
ISSN: 1938-0259 | EISSN: 1938-0267 | EISBN13: 9781466690011 | DOI: 10.4018/IJGHPC.2016100101

MLA

Lin, Li, et al. "TVGuarder: A Trace-Enable Virtualization Protection Framework against Insider Threats for IaaS Environments." IJGHPC vol.8, no.4 2016: pp.1-20. http://doi.org/10.4018/IJGHPC.2016100101

APA

Lin, L., Li, S., Li, B., Zhan, J., & Zhao, Y. (2016). TVGuarder: A Trace-Enable Virtualization Protection Framework against Insider Threats for IaaS Environments. International Journal of Grid and High Performance Computing (IJGHPC), 8(4), 1-20. http://doi.org/10.4018/IJGHPC.2016100101

Chicago

Lin, Li, et al. "TVGuarder: A Trace-Enable Virtualization Protection Framework against Insider Threats for IaaS Environments," International Journal of Grid and High Performance Computing (IJGHPC) 8, no.4: 1-20. http://doi.org/10.4018/IJGHPC.2016100101


Abstract

Virtualization is one of the most vulnerable security concerns in cloud computing. This paper presents a Trace-enable Virtualization protection framework named TVGuarder, which protects IaaS users' important data from being illegally accessed or maliciously damaged by insider attacks. A threat model is established to characterize cloud-oriented insider attacks, and countermeasures are proposed in TVGuarder. First, LSM hooks in the host OS kernel are leveraged to enforce that VM images can only be accessed by the host virtualization service. Second, a trusted loading mechanism is proposed to prevent a tampered or disguised virtualization process from being executed in the host OS. Third, a log-based back-tracing mechanism is designed to record the full call trace of VM operations and guarantee that only legitimate VM operations are allowed. TVGuarder has been implemented on the OpenStack platform, and several comprehensive experiments were conducted. Experimental results show that TVGuarder can identify several important insider attacks and protect virtual machine images with only a small performance degradation.
