Virtual Machine Introspection Based Cloud Monitoring Platform
Title | Virtual Machine Introspection Based Cloud Monitoring Platform |
Publication Type | Conference Paper |
Year of Publication | 2018 |
Authors | Laurén, Samuel, Leppänen, Ville |
Conference Name | Proceedings of the 19th International Conference on Computer Systems and Technologies |
Publisher | ACM |
Conference Location | New York, NY, USA |
ISBN Number | 978-1-4503-6425-6 |
Keywords | composability, cryptography, cyber physical systems, KVM, Monitoring, pubcrawl, Resiliency, security, virtual machine introspection, virtual machine security |
Abstract | Virtual Machine Introspection (VMI) is an emerging family of techniques for extracting data from virtual machines without the use of active monitoring probes within the target machines themselves. In VMI-based systems, the data is collected at the hypervisor level by analyzing the state of virtual machines. This has the benefit of making collection harder to detect and block by malware, as there is nothing in the machine indicating that monitoring is taking place. In this paper we present Nitro Web, a web-based monitoring system for virtual machines that uses virtual machine introspection for data collection. The platform is capable of detecting and visualizing system call activity taking place within virtual machines in real time. The secondary purpose of this paper is to offer an introduction to the Nitro virtual machine introspection framework that we have been involved in developing. In this paper, we reflect on how the Nitro Framework can be used for building applications making use of VMI data. |
URL | https://dl.acm.org/citation.cfm?doid=3274005.3274030 |
DOI | 10.1145/3274005.3274030 |
Citation Key | laurenVirtualMachineIntrospection2018 |