Journal of Computer Research and Development ›› 2017, Vol. 54 ›› Issue (10): 2310-2320. doi: 10.7544/issn1000-1239.2017.20170452
Liu Weijie, Wang Lina, Tan Cheng, Xu Lai
Abstract: Virtualization technology, as the basis of cloud computing, has been widely used, and the security of virtual machines has attracted more and more attention. Virtual machine introspection (VMI), an "out-of-the-box" method for monitoring virtual machines, provides a new perspective for solving these security problems. To address this situation, a triggering mechanism based on VMFUNC is proposed. Taking advantage of the CPU hardware features VM-Function and RDTSC emulation, the mechanism minimizes the overhead of VM exits. By switching extended page table views through VMFUNC, the mechanism avoids the system pause caused by VMI programs. By overloading VMFUNC and Xentrace, the method can trigger VMI programs actively, thus overcoming the resident consumption of VMI programs. In this paper, a VMI-as-a-service system is implemented and verified by experiments. The results show that the performance cost is no more than 2%, which makes wide use of VMI possible in practical cloud environments.
Key words: cloud computing security, virtual machine introspection, VMFUNC, extended page table pointer (EPTP) switching, VMI-as-a-service
CLC Number: TP309
Liu Weijie, Wang Lina, Tan Cheng, Xu Lai. A Virtual Machine Introspection Triggering Mechanism Based on VMFUNC[J]. Journal of Computer Research and Development, 2017, 54(10): 2310-2320.
URL: https://crad.ict.ac.cn/EN/10.7544/issn1000-1239.2017.20170452
https://crad.ict.ac.cn/EN/Y2017/V54/I10/2310