| Virtualization is a resource management technique.It refers to creating virtual hardware re-sources,and supports several operating systems running on the same hardware.The technology significantly improves the hardware utilization.It plays an important role in the development of cloud platform technologies.Cloud providers sell computing and storage resources to users,which help consumers save deployment costs.The appearance of virtualization technology is accompanied by the development of the operating system.On the one hand,it provides better hardware performance,on the other hand,it has to ensure the application security.Xen is an virtualization project maintained by the open source community.Among various virtualization softwares,a lot of cloud vendors(such as Amazon and Alibaba)use Xen because of its good performance.While cloud services rely on virtulization technology,security problem of virtual machines(VMs)has become a big concern of industry and academia.This thesis analysis two security problems of virtualized systems:application security and kernel security.Application security has to guarantee that processes are running in safe states,which also means the guest VMs can provide safe and stable services to users.Kernel security has to protect the systems from rootkit attacks.This thesis introduces a hybrid security moni-toring framework,and implements a prototype named HybridMonitor.HybridMonitor uses the idea of software measurement to monitor processes.In comparison,it uses two key techniques to protect the kernel,where the first one is non-bypassable kernel code protection,and the sec-ond is kernel control flow integrity verifying.Experiment shows HybridMonitor can effectively detect process and kernel level attacks while imposing acceptable performance loss to the host system. |
PDF Full Text Request