Skip to main content
USENIX
  • Conferences
  • Students
Sign in
  • Home
  • Attend
    • Registration Information
    • Registration Discounts
    • Venue, Hotel, and Travel
    • Student and Grants
    • Co-located Events
  • Program
    • Workshop Program
  • Sponsorship
  • Participate
    • Instructions for Authors and Speakers
    • Call for Papers
  • About
    • Workshop Organizers
    • Help Promote
    • Questions
    • Past Workshops
  • Home
  • Attend
  • Program
  • Sponsorship
  • Participate
  • About

sponsors

Gold Sponsor
Gold Sponsor
Gold Sponsor
Media Sponsor
Media Sponsor
Media Sponsor
Media Sponsor
Media Sponsor
Industry Partner

help promote

HotCloud '15 button

connect with us


  •  Twitter
  •  Facebook
  •  LinkedIn
  •  Google+
  •  YouTube

twitter

Tweets by @usenix

usenix conference policies

  • Event Code of Conduct
  • Conference Network Policy
  • Statement on Environmental Responsibility Policy

You are here

Home » Scalable Cloud Security via Asynchronous Virtual Machine Introspection
Tweet

connect with us

Scalable Cloud Security via Asynchronous Virtual Machine Introspection

Authors: 

Sundaresan Rajasekaran, Zhen Ni, Harpreet Singh Chawla, Neel Shah, and Timothy Wood, George Washington University; Emery Berger, University of Massachusetts Amherst

Abstract: 

Software will always be vulnerable to attacks. Although techniques exist that could prevent or limit the risk of exploits, performance overhead blocks their adoption. Services deployed into the cloud are typically customer facing, leaving them even more exposed to attacks from malicious users. However, the use of virtual machines, and the economy of scale found in cloud platforms, provides an opportunity to offer strong security guarantees to tenants at low cost to the cloud provider. We present ScaaS, a security Scanning as a Service framework for cloud platforms that uses frequent virtual machine checkpointing coupled with memory introspection techniques to detect bugs and malicious behavior in real time. By buffering VM outputs (i.e., outgoing network packets and disk writes) until a scan has been completed, ScaaS gives strong guarantees about the amount of damage an attack can do, while minimizing overheads.

Sundaresan Rajasekaran, George Washington University

Zhen Ni, George Washington University

Harpreet Singh Chawla, George Washington University

Neel Shah, George Washington University

Timothy Wood, George Washington University

Emery Berger, University of Massachusetts Amherst

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

BibTeX
@inproceedings {196342,
author = {Sundaresan Rajasekaran and Zhen Ni and Harpreet Singh Chawla and Neel Shah and Timothy Wood and Emery Berger},
title = {Scalable Cloud Security via Asynchronous Virtual Machine Introspection},
booktitle = {8th USENIX Workshop on Hot Topics in Cloud Computing (HotCloud 16)},
year = {2016},
address = {Denver, CO},
url = {https://www.usenix.org/conference/hotcloud16/workshop-program/presentation/rajasekaran},
publisher = {USENIX Association},
month = jun,
}
Download
Rajasekaran PDF
View the slides
  • Log in or    Register to post comments

Gold Sponsors

Media Sponsors & Industry Partners

© USENIX

  • Privacy Policy
  • Contact Us