Authors: Ying-Chuan Chen, Shuen-Tai Wang

Abstract:

Security is an interesting and significance issue for popular virtual platforms, such as virtualization cluster and cloud platforms. Virtualization is the powerful technology for cloud computing services, there are a lot of benefits by using virtual machine tools which be called hypervisors, such as it can quickly deploy all kinds of virtual Operating Systems in single platform, able to control all virtual system resources effectively, cost down for system platform deployment, ability of customization, high elasticity and high reliability. However, some important security problems need to take care and resolved in virtual platforms that include terrible viruses, evil programs, illegal operations and intrusion behavior. In this paper, we present useful Intrusion Detection Mechanism (IDM) software that not only can auto to analyze all system-s operations with the accounting journal database, but also is able to monitor the system-s state for virtual platforms.

Keywords: security, cluster, cloud, virtualization, virtual machine, virus, intrusion detection

Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1058797

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1489

References:

[1] M. Armbrust, A. Fox, R. Griffith, A. D. Joseph, R. Katz, A. Konwinski, G. Lee, D. Patterson, A. Rabkin, I. Stoica and M. Zaharia, "A view of cloud computing," Communications of the ACM, vol. 53, no. 4, pp. 50-58, April 2010.
[2] M. Armbrust, A. Fox, R. Griffith, A. D. Joseph, R. H. Katz, A. Konwinski, G. Lee, D. A. Patterson, A. Rabkin, I. Stoica and M. Zaharia, "Above the Clouds: A Berkeley View of Cloud Computing," 2009.
[3] I. Foster, Z. Yong, I. Raicu and S. Lu, "Cloud Computing and Grid Computing 360-Degree Compared," IEEE Grid Computing Environments Workshop, pp. 1-10, 2008.
[4] Amazon EC2, http://aws.amazon.com/ec2.
[5] Amazon S3, http://aws.amazon.com/s3.
[6] Google App Engine, http://code.google.com/appengine/.
[7] Salesforce, http://www.salesforce.com/.
[8] Live Mesh, http://explore.live.com/windows-live-mesh.
[9] J. P. Buzen and U. O. Gagliardi, "The Evolution of Virtual Machine Architecture," National Computer Conference Proceedings, AFIPS Press, vol. 42, pp. 291-299, June 1973.
[10] R. A. Meyer and L. H. Seawright, "A Virtual Machine Time-Sharing System," IBM Systems Journal, vol. 9, no. 3, 1970.
[11] R. P. Goldberg, "Architecture of Virtual Machines," National Computer Conference Proceedings, AFIPS Press, vol. 42, pp. 309-318, June 1973.
[12] R. P. Goldberg, "Survey of Virtual Machine Research," IEEE Computer, vol. 7, no. 6, pp. 34-45, June 1974.
[13] L. Nussbaum, F. Anhalt, O. Mornard and J.-P. Gelas, "Linux-based virtualization for HPC clusters," Linux Symposium, pp. 221-234, July 2009.
[14] M. Fenn, M. Murphy, and S. Goasguen, "A Study of a KVM-based Cluster for Grid Computing," 47th ACM Southeast Conference, March 2009.
[15] Wei Chen, Hongyi Lu, Li Shen, Zhiying Wang, Nong Xiao and Dan Chen, "A Novel Hardware Assisted Full Virtualization Technique," The 9th International Conference for Young Computer Scientists, pp. 1292-1297, Nov. 2008.
[16] Intel-VT, http://www.intel.com/technology/virtualization/.
[17] G. Neiger, A. Santoni et all, "Intel Virtualization Technology: Hardware Support for Efficient Processor Virtualization", Intel Computer Journal, vol. 10, issue 3, August 2006.
[18] Rich Uhlig, Gil Neiger, Dion Rodgers, Amy L. Santoni, Fernando C.M. Martins, Andrew V. Anderson, Steven M. Bennett, Alain Kagi, Felix H. Leung, Larry Smith, "Intel Virtualization Technology," IEEE Computer, vol. 38, no. 5, pp. 48-56, May 2005.
[19] AMD-V, http://sites.amd.com/us/business/it-solutions/virtualization/Pages/virtual ization.aspx.
[20] Greg Goth, "Virtualization: Old Technology Offers Huge New Potential," IEEE Distributed Systems Online, vol. 8, no. 2, 2007.
[21] Yan Wen, Jinjing Zhao, Huaimin Wang and Jiannong Cao, "Implicit Detection of Hidden Processes with a Feather-Weight Hardware-Assisted Virtual Machine," ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy, pp. 361-375, 2008.
[22] B. R. Kandukuri, V. R. Paturi and Atanu Rakshit, "Cloud Security Issues," 2009 IEEE International Conference on Services Computing, pp. 517 -520, 2009.
[23] Sean Carlin and Kevin Curran, "Cloud Computing Security," International Journal of Ambient Computing and Intelligence, vol. 3, no. 1, pp. 38-46, 2011.
[24] T. Mather, S. Kumaraswamy and S. Latif, Cloud Security and Privacy, O'Reilly, ISBN. 978-0-596-80276-9, 2009.
[25] IDP, http://aide.sourceforge.net/.
[26] ac, http://linux.die.net/man/1/ac
[27] accton, http://linux.die.net/man/8/accton
[28] lastcomm, http://linux.die.net/man/1/lastcomm
[29] sa, http://linux.die.net/man/8/sa
[30] iptables, http://linux.die.net/man/8/iptables
[31] NAT, http://www.hjp.at/doc/rfc/rfc1631.html
[32] kpartx, http://linux.die.net/man/8/kpartx
[33] Kernel-based Virtual Machine, http://www.linux-kvm.org/
[34] Avi Kivity, Yaniv Kamay, Dor Laor, Uri Lublin and Anthony Liguori, "kvm: the Linux Virtual Machine Monitor," In Proceedings of the Linux Symposium, vol. 1, pp. 225-230, June 2007.
[35] I. Habib, "Virtualization with KVM," Linux Journal, Vol. 2008, Feb. 2008.