Software Integrity Verification Based on VMM-Level System Call Analysis Technique (基于VMM层系统调用分析的软件完整性验证)

Cited by: 13


Authors: Li Bo [1], Li Jianxin [1], Hu Chunming [1], Wo Tianyu [1], Huai Jinpeng [1]

Affiliation: [1] School of Computer Science, Beihang University, Beijing 100191, China

Source: Journal of Computer Research and Development (计算机研究与发展), 2011, No. 8, pp. 1438-1446 (9 pages)

Funding: National Natural Science Foundation of China (91018004; 60903149); National Basic Research Program of China ("973" Program) (2011CB302600); Beihang University Science and Technology Pilot Fund (YWF-11-02-010)

Abstract (translated from the Chinese): In virtualized cloud computing platforms, guaranteeing the trustworthiness of the software running on them is key to the wide adoption of cloud platforms. Integrity measurement and verification is a principal method for ensuring the trustworthiness of software systems. However, most existing software integrity verification systems require modifying the operating system kernel, which makes it hard to provide a uniform solution for the many heterogeneous systems in a large-scale virtual machine environment, and they cannot resist kernel-level malicious attacks. To address the compatibility, security and manageability problems of current methods, this paper designs and implements VMGuard, a method that verifies software integrity at the VMM layer using system call analysis. It identifies software loading by intercepting system calls in the guest operating system, and verifies the integrity of software in the guest OS using system call correlation analysis and reconstruction of the virtual machine's file system metadata. VMGuard was implemented on two mainstream virtualization platforms, Qemu and KVM, and its effectiveness and performance were evaluated experimentally. The results show that VMGuard can effectively verify the integrity of software in the guest operating system with a performance overhead under 10%.

Abstract (English, as published): In a virtualized cloud computing platform, the key security problem is to guarantee the trustworthiness of the software running in the platform. Integrity measurement and verification has been proposed and studied by many researchers as an effective way to verify the integrity of computer systems. However, existing approaches have limitations in compatibility, security and maintainability, and cannot be applied to the cloud computing platform. In this paper, we propose an approach named VMGuard, which leverages the VMM to take integrity measurements outside the operating system. We adopt a VMM-based system call interception technique to detect the execution of binaries. System call correlation and guest OS file system metadata reconstruction are proposed to verify the integrity of software in the guest OS. We have developed a prototype of VMGuard and implemented it in two mainstream virtual machine monitors, Qemu and KVM. We also evaluate the effectiveness and performance overhead of our approach by comprehensive experiments. The results show that VMGuard achieves effective integrity measurement with less than 10% overhead.

Keywords: cloud computing; virtualization; integrity verification; system call analysis; software loading

Classification: TP309 [Automation and Computer Technology: Computer System Architecture]
