Abstract
The dramatic proliferation of cloud computing makes it an attractive target for malicious attacks. Increasing solutions resort to virtual machine introspection (VMI) to deal with security issues in the cloud environment. However, the existing works are not feasible to support tenants to customize individual security services based on their security requirements flexibly. Additionally, adoption of VMI-based security solutions makes tenants at the risk of exposing sensitive information to attackers. To alleviate the security and privacy anxieties of tenants, we present SECLOUD, a framework for monitoring VMs in the cloud for security analysis in this paper. By extending VMI techniques, SECLOUD provides remote tenants or their authorized security service providers with flexible interfaces for monitoring runtime information of guest virtual machines (VMs) in a non-intrusive manner. The proposed framework enhances effectiveness of monitoring by taking advantages of architectural symmetry of cloud environment. Moreover, we harden our framework with a privacy-preserving capacity for tenants. The flexibility and effectiveness of SECLOUD is demonstrated through a prototype implementation based on Xen hypervisor, which results in acceptable performance overhead.
Highlights
Despite the proliferation and popularity of cloud computing, security and privacy threats have been endlessly emerging and have been an obstacle for further usage of cloud computing [1]
We consider that a cloud service provider is trusted and has a vested interest in protecting guest virtual machines (VMs) hosted on his platform from being compromised
To confirm that S E C LOUD can provide tenants with flexible monitoring of guest VMs effectively, we evaluate our implementation with three different test scenarios driven by different security requirements
Summary
Despite the proliferation and popularity of cloud computing, security and privacy threats have been endlessly emerging and have been an obstacle for further usage of cloud computing [1]. Due to the inherent deficiency of unsafe languages or implementation complexity, almost all large real-world services running in the cloud always come with its own set of vulnerabilities. They could be the target, as well as the source, of malicious attack to adversaries. A compromised application or virtual machine (VM) will be used to exploit other VMs on the same physical platform. Protecting VMs from advanced, sophisticated attacks is a highly urgent task
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
