Software Integrity Verification Based on VMM-Level System Call Analysis Technique

Li Bo, Li Jianxin, Hu Chunming, Wo Tianyu, and Huai Jinpeng

Journal of Computer Research and Development > 2011 > 48(8): 1438-1446.

Li Bo, Li Jianxin, Hu Chunming, Wo Tianyu, and Huai Jinpeng. Software Integrity Verification Based on VMM-Level System Call Analysis Technique[J]. Journal of Computer Research and Development, 2011, 48(8): 1438-1446.

Citation:

PDF (1691 KB)

Software Integrity Verification Based on VMM-Level System Call Analysis Technique

Li Bo, Li Jianxin, Hu Chunming, Wo Tianyu, and Huai Jinpeng

(School of Computer Science and Engineering, Beihang University, Beijing 100191)

More Information

Published Date: August 14, 2011

Graphical Abstract

Abstract

Abstract

In virtualized cloud computing platform, the key security problem is to guarantee trustworthiness of the softwares which are running in the platform. Integrity measurement and verification has been proposed and studied by many researchers as an effective way to verify the integrity of computer systems. However, existing approaches have some limitations on compatibility, security and maintainability, and cannot be applied into the cloud computing platform. In this paper, we propose a approach named VMGuard, which leverages VMM to enable take integrity measurement outside the operating system. We adopt VMM-based system call interception technique to detect the execution of binaries. System call correlation and guest OS file system metadata reconstruction are proposed to verify the integrity of software in guest OS. We have developed a prototype of VMGuard and implemented it in two mainstream virtual machine monitors, Qemu and KVM, respectively. We also evaluate the effectiveness and performance overhead of our approach by comprehensive experiments. The results show that VMGuard achieves effective integrity measurement with less than 10% overhead.
- cloud computing,
- virtualization,
- integrity verification,
- system call analysis,
- software loading

FullText(HTML)

References (0)

[1]	Wang Jieting, Qian Yuhua, Li Feijiang, Liu Guoqing. Support Vector Machine with Eliminating the Random Consistency[J]. Journal of Computer Research and Development, 2020, 57(8): 1581-1593. DOI: 10.7544/issn1000-1239.2020.20200127
[2]	Feng Chang, Liao Shizhong. Model Selection for Gaussian Kernel Support Vector Machines in Random Fourier Feature Space[J]. Journal of Computer Research and Development, 2016, 53(9): 1971-1978. DOI: 10.7544/issn1000-1239.2016.20150489
[3]	Hua Xiaopeng, Ding Shifei. Locality Preserving Twin Support Vector Machines[J]. Journal of Computer Research and Development, 2014, 51(3): 590-597.
[4]	Guo Husheng, Wang Wenjian. A Support Vector Machine Learning Method Based on Granule Shift Parameter[J]. Journal of Computer Research and Development, 2013, 50(11): 2315-2324.
[5]	Ding Lizhong and Liao Shizhong. Approximate Model Selection on Regularization Path for Support Vector Machines[J]. Journal of Computer Research and Development, 2012, 49(6): 1248-1255.
[6]	Xu Peng, Liu Qiong, and Lin Sen. Internet Traffic Classification Using Support Vector Machine[J]. Journal of Computer Research and Development, 2009, 46(3): 407-414.
[7]	Xiong Jinzhi, Yuan Huaqiang, Peng Hong. A General Formulation of Polynomial Smooth Support Vector Machines[J]. Journal of Computer Research and Development, 2008, 45(8): 1346-1353.
[8]	Li Yingxin and Ruan Xiaogang. Feature Selection for Cancer Classification Based on Support Vector Machine[J]. Journal of Computer Research and Development, 2005, 42(10): 1796-1801.
[9]	Liu Xiangdong, Luo Bin, and Chen Zhaoqian. Optimal Model Selection for Support Vector Machines[J]. Journal of Computer Research and Development, 2005, 42(4): 576-581.
[10]	Wu Gaowei, Tao Qing, Wang Jue. Support Vector Machines Based on Posteriori Probability[J]. Journal of Computer Research and Development, 2005, 42(2): 196-202.