Abstract

Virtual machine introspection is a technique used to inspect and analyse the code running on a given virtual machine. Virtual machine introspection has gained considerable attention in the field of computer security research. In recent years, it has been applied in various areas, ranging from intrusion detection and malware analysis to complete cloud monitoring platforms. A survey of existing virtual machine introspection tools is necessary to address various possible research gaps and to focus on key features required for wide application of virtual machine introspection techniques. In this paper, we focus on the evolution of virtual machine introspection tools and their ability to address the semantic gap problem.

Highlights

  • Security and safety are two principal factors governing future cloud computing research and development

  • We expect the following outcomes from our manuscript. We believe that it will provide a guide for future developers of virtual machine introspection (VMI) tools looking to develop various applications for cloud security and malware detection based on VMI

  • As the API resides inside a secure Virtual Machine (VM), there is no possibility of malware infecting the API


Summary

Introduction

Security and safety are two principal factors governing future cloud computing research and development. Our review of virtual machine introspection (VMI) techniques predominantly targets virtualisation, the enabler of cloud computing, with security as its major concern. We expect the following outcomes from our manuscript. We believe that it will provide a guide for future developers of VMI tools looking to develop various applications for cloud security and malware detection based on VMI.

Minimum modifications to hypervisor: Introspection techniques should work independently and make minimum modifications to the hypervisor code. This is important in the application of VMI during minor revisions and in future versions of the VMM.

Taxonomy of VMI: There are different possible events related to a guest VM and a guest OS running on it. These events can be grouped to have introspection at various degrees. A brief overview is given below:

1. System Events Introspection
   (a) System Call Introspection
   (b) Interrupt Requests Introspection
   (c) I/O Device Driver Introspection

Live Process Introspection