Conferences >2014 IEEE 13th International ...

vPatcher: VMI-Based Transparent Data Patching to Secure Software in the Cloud

Download PDF
Download References
Request Permissions
Save to
Alerts

Abstract:

Quick defense against the spread of software exploits is an important problem, and hot patching is an attractive approach to solve this problem. However, these approaches...Show More

Metadata

Abstract:

Quick defense against the spread of software exploits is an important problem, and hot patching is an attractive approach to solve this problem. However, these approaches cannot adapt to cloud well, which brings new challenges to the protection of software. Among these challenges, transparency and rapid deployment are two respective requirements for protection. In this paper, we propose vPatcher, a transparent data patching technique based on Virtual Machine Introspection. Vpatcher uses hypervisor to monitor the network connections of vulnerable programs in protected guest systems, deployed outside the Virtual Machines, without disturbing the target guest systems. Given the vulnerability signatures, vPatcher intercepts network packets, scans these packets for vulnerable processes by reconstructing fine-grained system semantics that include process states as well as corresponding network connections, detects them with their vulnerability signatures, and finally filters exploits. We adopted several realistic vulnerable programs used broadly to evaluate the effectiveness of the technique, and experimental results showed its efficacy and that the overhead is acceptable. In addition, the experiments also show that it could be transparent to guest systems, and suitable for rapid deployment in cloud platforms.

Published in: 2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications

Date of Conference: 24-26 September 2014

Date Added to IEEE Xplore: 19 January 2015

Electronic ISBN:978-1-4799-6513-7

ISSN Information:

DOI: 10.1109/TrustCom.2014.125

Conference Location: Beijing, China

Contents

I. Introduction

With the rapid development of cloud computing, many information systems have been moved from the terminal to a cloud platform, security problems cannot be alleviated by delivery to a cloud platform, and guest systems still face the threat of attack. In such a scenario, from the perspective of guest users, the protection of systems should also be moved from the physical terminal to the cloud platform 1. However, the protection of guest systems running on VMs from a cloud platform faces new challenges, such as: availability, transparency, and usability. •

Availability. Availability is the most important requirement for the protection of a cloud platform, because guest users cannot allow their systems to crash and be rebooted.

•

Transparency. Although guest users move systems from their own terminals to the cloud platform, they still may not permit the cloud platform to dynamically update guest systems due to privacy concerns, even for security protections.

•

Usability. There are a number of VMs in the cloud platform, and each virtual machine could run different operating systems. Thus, it is not easy to patch all vulnerable programs in different VMs, and the rapid deployment of hot patching is significant in the defense against exploits in cloud platforms.

References is not available for this document.

vPatcher: VMI-Based Transparent Data Patching to Secure Software in the Cloud

Abstract:

Metadata

Abstract:

ISSN Information:

I. Introduction

References

IEEE Account

Purchase Details

Profile Information

Need Help?

vPatcher: VMI-Based Transparent Data Patching to Secure Software in the Cloud

Alerts

Abstract:

Metadata

Abstract:

ISSN Information:

I. Introduction

References