TY - JOUR
T1 - Outlier
T2 - Enabling Effective Measurement of Hypervisor Code Integrity With Group Detection
AU - Gu, Jianan
AU - Ma, Yukun
AU - Zheng, Beilei
AU - Weng, Chuliang
N1 - Publisher Copyright:
© 2004-2012 IEEE.
PY - 2022
Y1 - 2022
N2 - Virtualization brings the benefits of utilization and scalability to the multi-tenant cloud platforms. However, the hypervisor, as one of the foundations in virtualization, is challenging to survive under various malicious attacks due to its large attack surface. This article presents a novel group detection framework for the hypervisor code integrity, called Outlier. In an Outlier group, each host contains two parts. One is a distributed detection protocol, called Co-protocol, and the other is a detection interface, called Checker. The Co-protocol constructs trust for the integrity detection within an Outlier group. With the Co-protocol, each Checker conducts reliable integrity detection on the hypervisor code, and then the potential 'outlier' host is perceived. We implement our Outlier prototype on the Xen hypervisor and evaluate its overhead. Experiments show that the introduction of the Outlier has few impacts on the performance of the virtualized systems.
AB - Virtualization brings the benefits of utilization and scalability to the multi-tenant cloud platforms. However, the hypervisor, as one of the foundations in virtualization, is challenging to survive under various malicious attacks due to its large attack surface. This article presents a novel group detection framework for the hypervisor code integrity, called Outlier. In an Outlier group, each host contains two parts. One is a distributed detection protocol, called Co-protocol, and the other is a detection interface, called Checker. The Co-protocol constructs trust for the integrity detection within an Outlier group. With the Co-protocol, each Checker conducts reliable integrity detection on the hypervisor code, and then the potential 'outlier' host is perceived. We implement our Outlier prototype on the Xen hypervisor and evaluate its overhead. Experiments show that the introduction of the Outlier has few impacts on the performance of the virtualized systems.
KW - Virtualization
KW - group detection
KW - hypervisor code integrity
UR - https://www.scopus.com/pages/publications/85113214712
U2 - 10.1109/TDSC.2021.3104900
DO - 10.1109/TDSC.2021.3104900
M3 - Article
AN - SCOPUS:85113214712
SN - 1545-5971
VL - 19
SP - 3686
EP - 3698
JO - IEEE Transactions on Dependable and Secure Computing
JF - IEEE Transactions on Dependable and Secure Computing
IS - 6
ER -