A Concurrent Security Monitoring Method for
Virtualization Environments
TIAN Donghai;JIA Xiaoqi;CHEN Junhua;HU Changzhen
【期刊名称】《中国通信》 【年(卷),期】2016(013)001
【摘要】Recently,virtualization technologies have been widely used in industry.In order to monitor the security of target systems in virtualization environments,conventional methods usually put the security monitoring mechanism into the normal functionality of the target systems.However,these methods are either prone to be tempered by attackers or introduce considerable performance overhead for target systems.To address these problems,in this paper,we present a concurrent security monitoring method which decouples traditional serial mechanisms,including security event collector and analyzer,into two concurrent components.On one hand,we utilize the SIM framework to deploy the event collector into the target virtual machine.On the other hand,we combine the virtualization technology and multi-core technology to put the event ana lyzer into a trusted execution environment.To address the synchronization problem between these two concurrent components,we make use of Lamport's ring buffer algorithm.Based on the Xen hypervisor,we have implemented a prototype system named COMO.The exper imental results show that
A Concurrent Security Monitoring Method for Virtualization Environments
