CloudAuditor:基于嵌套虚拟化的云审计框架

2016 IEEE 3rd International Conference on Cyber Security and Cloud Computing (CSCloud) Pub Date : 2016-06-01 DOI:10.1109/CSCloud.2016.40

Zhe Wang, Jin Zeng, Tao Lv, Bin Shi, Bo Li

{"title":"CloudAuditor:基于嵌套虚拟化的云审计框架","authors":"Zhe Wang, Jin Zeng, Tao Lv, Bin Shi, Bo Li","doi":"10.1109/CSCloud.2016.40","DOIUrl":null,"url":null,"abstract":"Recent years witness the successful adoption of Cloud computing. However, security remains the top concern for cloud users. The fundamental issue is that cloud providers cannot convince cloud users the trustworthiness of cloud platforms. In this paper, we propose a cloud auditing framework, named CloudAuditor, to examine the behaviors of cloud platforms. By leveraging nested virtualization technology, CloudAuditor could identify the stealthy memory and disk access from cloud platforms to users' virtual machines and can support the mainstream IaaS platforms such as VMware, Xen and KVM. We evaluate the effectiveness and efficiency of CloudAuditor through comprehensive experiments. The results show that CloudAuditor can identify the suspicious behaviors of cloud platforms with acceptable performance overhead.","PeriodicalId":410477,"journal":{"name":"2016 IEEE 3rd International Conference on Cyber Security and Cloud Computing (CSCloud)","volume":"36 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":"{\"title\":\"CloudAuditor: A Cloud Auditing Framework Based on Nested Virtualization\",\"authors\":\"Zhe Wang, Jin Zeng, Tao Lv, Bin Shi, Bo Li\",\"doi\":\"10.1109/CSCloud.2016.40\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Recent years witness the successful adoption of Cloud computing. However, security remains the top concern for cloud users. The fundamental issue is that cloud providers cannot convince cloud users the trustworthiness of cloud platforms. In this paper, we propose a cloud auditing framework, named CloudAuditor, to examine the behaviors of cloud platforms. By leveraging nested virtualization technology, CloudAuditor could identify the stealthy memory and disk access from cloud platforms to users' virtual machines and can support the mainstream IaaS platforms such as VMware, Xen and KVM. We evaluate the effectiveness and efficiency of CloudAuditor through comprehensive experiments. The results show that CloudAuditor can identify the suspicious behaviors of cloud platforms with acceptable performance overhead.\",\"PeriodicalId\":410477,\"journal\":{\"name\":\"2016 IEEE 3rd International Conference on Cyber Security and Cloud Computing (CSCloud)\",\"volume\":\"36 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-06-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"8\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 IEEE 3rd International Conference on Cyber Security and Cloud Computing (CSCloud)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CSCloud.2016.40\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 IEEE 3rd International Conference on Cyber Security and Cloud Computing (CSCloud)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CSCloud.2016.40","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 8

摘要

近年来，云计算的应用取得了成功。然而，安全性仍然是云用户最关心的问题。最根本的问题是，云提供商无法让云用户相信云平台的可靠性。在本文中，我们提出了一个名为CloudAuditor的云审计框架来检查云平台的行为。通过利用嵌套虚拟化技术，CloudAuditor可以识别从云平台到用户虚拟机的内存和磁盘的秘密访问，并且可以支持主流的IaaS平台，如VMware、Xen和KVM。我们通过全面的实验来评估CloudAuditor的有效性和效率。结果表明，CloudAuditor可以识别出性能开销可接受的云平台的可疑行为。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

CloudAuditor: A Cloud Auditing Framework Based on Nested Virtualization

Recent years witness the successful adoption of Cloud computing. However, security remains the top concern for cloud users. The fundamental issue is that cloud providers cannot convince cloud users the trustworthiness of cloud platforms. In this paper, we propose a cloud auditing framework, named CloudAuditor, to examine the behaviors of cloud platforms. By leveraging nested virtualization technology, CloudAuditor could identify the stealthy memory and disk access from cloud platforms to users' virtual machines and can support the mainstream IaaS platforms such as VMware, Xen and KVM. We evaluate the effectiveness and efficiency of CloudAuditor through comprehensive experiments. The results show that CloudAuditor can identify the suspicious behaviors of cloud platforms with acceptable performance overhead.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2016 IEEE 3rd International Conference on Cyber Security and Cloud Computing (CSCloud)

自引率

0.00%

发文量