Software Integrity Verification Based on VMM-Level System Call Analysis Technique

Li Bo, Li Jianxin, Hu Chunming, Wo Tianyu, and Huai Jinpeng

Journal of Computer Research and Development > 2011 > 48(8): 1438-1446.

Li Bo, Li Jianxin, Hu Chunming, Wo Tianyu, and Huai Jinpeng. Software Integrity Verification Based on VMM-Level System Call Analysis Technique[J]. Journal of Computer Research and Development, 2011, 48(8): 1438-1446.

Citation:

PDF (1691 KB)

Software Integrity Verification Based on VMM-Level System Call Analysis Technique

Li Bo, Li Jianxin, Hu Chunming, Wo Tianyu, and Huai Jinpeng

(School of Computer Science and Engineering, Beihang University, Beijing 100191)

More Information

Published Date: August 14, 2011

Graphical Abstract

Abstract

Abstract

In virtualized cloud computing platform, the key security problem is to guarantee trustworthiness of the softwares which are running in the platform. Integrity measurement and verification has been proposed and studied by many researchers as an effective way to verify the integrity of computer systems. However, existing approaches have some limitations on compatibility, security and maintainability, and cannot be applied into the cloud computing platform. In this paper, we propose a approach named VMGuard, which leverages VMM to enable take integrity measurement outside the operating system. We adopt VMM-based system call interception technique to detect the execution of binaries. System call correlation and guest OS file system metadata reconstruction are proposed to verify the integrity of software in guest OS. We have developed a prototype of VMGuard and implemented it in two mainstream virtual machine monitors, Qemu and KVM, respectively. We also evaluate the effectiveness and performance overhead of our approach by comprehensive experiments. The results show that VMGuard achieves effective integrity measurement with less than 10% overhead.
- cloud computing,
- virtualization,
- integrity verification,
- system call analysis,
- software loading

FullText(HTML)

References (0)

[1]	Chen Shuping, Wei Hongmei, Wang Fei, Li Yi, He Wangquan, Qi Fengbin. Method to Create Aggregate Tree for Hardware Supported Collectives[J]. Journal of Computer Research and Development, 2024, 61(2): 503-517. DOI: 10.7544/issn1000-1239.202220684
[2]	Liu Shifang, Zhao Yonghua, Yu Tianyu, Huang Rongfeng. Efficient Implementation of Parallel Symmetric Matrix Tridiagonalization Algorithm on GPU Cluster[J]. Journal of Computer Research and Development, 2020, 57(12): 2635-2647. DOI: 10.7544/issn1000-1239.2020.20190731
[3]	Li Tao, Liu Xuechen, Zhang Shuai, Wang Kai, Yang Yulu. Parallel Support Vector Machine Training with Hybrid Programming Model[J]. Journal of Computer Research and Development, 2015, 52(5): 1098-1108. DOI: 10.7544/issn1000-1239.2015.20131492
[4]	Cao Hongjia, Lu Yutong, Xie Min, and Zhou Enqiang. Experiences and Scalability Analysis of Parallel Job Startup[J]. Journal of Computer Research and Development, 2013, 50(8): 1755-1761.
[5]	Li Qiang, Sun Ninghui, Huo Zhigang, Ma Jie. Optimizing MPI Alltoall Communications in Multicore Clusters[J]. Journal of Computer Research and Development, 2013, 50(8): 1744-1754.
[6]	Lü Huiwei, Cheng Yuan, Bai Lu, Chen Mingyu, Fan Dongrui, Sun Ninghui. Parallel Simulation of Many-Core Processor and Many-Core Clusters[J]. Journal of Computer Research and Development, 2013, 50(5): 1110-1117.
[7]	Xie Min, Lu Yutong, Zhou Enqiang, Cao Hongjia, and Yang Xuejun. Implementation and Evaluation of MPI Checkpointing System over Lustre File System[J]. Journal of Computer Research and Development, 2007, 44(10): 1709-1716.
[8]	Zhao Yonghua, Chi Xuebin, Cheng Qiang. Efficient Algorithms for Matrix Eigenproblem Solver on SMP Cluster[J]. Journal of Computer Research and Development, 2007, 44(2): 334-340.
[9]	Zhang Wenli, Chen Mingyu, and Fan Jianping. Emulation and Forecast of HPL Test Performance[J]. Journal of Computer Research and Development, 2006, 43(3): 557-562.
[10]	Zhou Enqiang, Lu Yutong, and Shen Zhiyu. Implementation of Checkpoint System Towards Large Scale Parallel Computing[J]. Journal of Computer Research and Development, 2005, 42(6): 987-992.