Supporting Virtualization-Aware Security Solutions Using a Systematic Approach to Overcome the Semantic Gap
A prerequisite to implementing virtualization-aware security solutions is to solve the "semantic gap" problem. Current approaches require a deep knowledge of the kernel data to manually solve the semantic gap. However, kernel data is very complex; an Operating System (OS) kernel contains t...
Published in | 2012 IEEE Fifth International Conference on Cloud Computing pp. 836 - 843 |
---|---|
Main Authors | Ibrahim, A. S.; Hamlyn-Harris, J.; Grundy, J.; Almorsy, M. |
Format | Conference Proceeding |
Language | English |
Published | IEEE 01.06.2012 |
Abstract | A prerequisite to implementing virtualization-aware security solutions is to solve the "semantic gap" problem. Current approaches require a deep knowledge of the kernel data to manually solve the semantic gap. However, kernel data is very complex; an Operating System (OS) kernel contains thousands of data structures that have direct and indirect (pointer) relations between each other with no explicit integrity constraints. This complexity makes it impractical to use manual methods. In this paper, we present a new solution to systematically and efficiently solve the semantic gap for any OS, without any prior knowledge of the OS. We present: (i) KDD, a tool that systematically builds a precise kernel data definition for any C-based OS such as Windows and Linux. KDD generates this definition by performing points-to analysis on the kernel's source code to disambiguate the pointer relations. (ii) SVA, a security appliance that solves the semantic gap based on the generated definition, to systematically and externally map the virtual machines' physical memory and extract the runtime dynamic objects. We have implemented prototypes for KDD and SVA, and have performed different experiments to prove their effectiveness. |
---|---|
Author | Grundy, J.; Almorsy, M.; Hamlyn-Harris, J.; Ibrahim, A. S. |
Author_xml | – sequence: 1 givenname: A. S. surname: Ibrahim fullname: Ibrahim, A. S. email: aibrahim@swin.edu.au organization: Centre for Comput. & Eng. Software Syst., Swinburne Univ. of Technol., Melbourne, VIC, Australia – sequence: 2 givenname: J. surname: Hamlyn-Harris fullname: Hamlyn-Harris, J. email: jhamlynharris@swin.edu.au organization: Centre for Comput. & Eng. Software Syst., Swinburne Univ. of Technol., Melbourne, VIC, Australia – sequence: 3 givenname: J. surname: Grundy fullname: Grundy, J. email: jgrundy@swin.edu.au organization: Centre for Comput. & Eng. Software Syst., Swinburne Univ. of Technol., Melbourne, VIC, Australia – sequence: 4 givenname: M. surname: Almorsy fullname: Almorsy, M. email: malmorsy@swin.edu.au organization: Centre for Comput. & Eng. Software Syst., Swinburne Univ. of Technol., Melbourne, VIC, Australia |
CODEN | IEEPAD |
ContentType | Conference Proceeding |
DBID | 6IE 6IL CBEJK RIE RIL |
DOI | 10.1109/CLOUD.2012.129 |
DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume IEEE Xplore All Conference Proceedings IEEE Electronic Library Online IEEE Proceedings Order Plans (POP All) 1998-Present |
Discipline | Computer Science |
EISBN | 0769547559 9780769547558 |
EISSN | 2159-6190 |
EndPage | 843 |
ExternalDocumentID | 6253586 |
Genre | orig-research |
GroupedDBID | 6IE 6IF 6IK 6IL 6IN AAJGR ABLEC ACGFS ADZIZ ALMA_UNASSIGNED_HOLDINGS BEFXN BFFAM BGNUA BKEBE BPEOZ CBEJK CHZPO IEGSK IPLJI M43 OCL RIE RIL |
ID | FETCH-LOGICAL-i90t-8fbdfbdad54fcdbebf35301f45b555e39b6adcf411569360d241baecd7622f743 |
IEDL.DBID | RIE |
ISBN | 9781467328920 1467328928 |
ISSN | 2159-6182 |
IngestDate | Wed Jun 26 19:24:14 EDT 2024 |
IsPeerReviewed | false |
IsScholarly | false |
Language | English |
LinkModel | DirectLink |
MergedId | FETCHMERGED-LOGICAL-i90t-8fbdfbdad54fcdbebf35301f45b555e39b6adcf411569360d241baecd7622f743 |
PageCount | 8 |
ParticipantIDs | ieee_primary_6253586 |
PublicationCentury | 2000 |
PublicationDate | 2012-June |
PublicationDateYYYYMMDD | 2012-06-01 |
PublicationDate_xml | – month: 06 year: 2012 text: 2012-June |
PublicationDecade | 2010 |
PublicationTitle | 2012 IEEE Fifth International Conference on Cloud Computing |
PublicationTitleAbbrev | cloud |
PublicationYear | 2012 |
Publisher | IEEE |
Publisher_xml | – name: IEEE |
SSID | ssj0001085513 ssj0000781062 |
SourceID | ieee |
SourceType | Publisher |
StartPage | 836 |
SubjectTerms | Algorithm design and analysis; Context; Data structures; IaaS; Kernel; Kernel data structures; points-to analysis; Runtime; Security; semantic gap; Semantics; virtualization-aware security solutions |
Title | Supporting Virtualization-Aware Security Solutions Using a Systematic Approach to Overcome the Semantic Gap |
URI | https://ieeexplore.ieee.org/document/6253586 |