Proceedings of EC2ND'07:
Towards High Assurance Networks of Virtual Machines
Fabrizio Baiardi, Daniele Sgandurra, University of Pisa, Italy

Abstract
We propose a methodology to check software integrity based upon virtual machines (VMs) that integrates controls at distinct execution levels. The baseline of the proposed approach is the virtual machine monitor (VMM) capability to access the memory of a VM to apply a set of consistency checks to the VM operating system (OS). In turn, the OS can apply a different set of consistency checks to the application processes, and applications can also enforce a further set of security controls. The union of all the consistency checks forms a chain of trust, where each level controls the integrity of the one above it through the proper interface for that level. In this way, the proposed approach minimizes the semantic gap in-between two different levels, because each level only applies those security controls that are coherent with the view of the level. We apply this methodology to build a distributed intrusion detection system (IDS) to detect attacks against a network of VMs. According to the proposed methodology, the tool adopts VM introspection (VMI) to apply a set of consistency checks to the kernel of the OS of each VM. Then, we extend the kernel of each VM with a set of functions to check the integrity of the processes involved in the detection of intrusions.

Download this paper: pdf