Forensic Virtual Machines: Dynamic defence in the Cloud via Introspection

If you have a question about this talk, please contact Vincent Cheval.

The Cloud attempts to provide its users with automatically scalable platforms to host many applications and operating systems. To allow for quick deployment, they are often homogenised to a few images, restricting the variations used within the Cloud. An exploitable vulnerability stored within an image means that each instance will suffer from it and as a result, an attacker can be sure of a high pay-off for their time. This makes the Cloud a prime target for malicious activities. There is a clear requirement to develop an automated and computationally-inexpensive method of discovering malicious behaviour as soon as it starts, such that remedial action can be adopted before substantial damage is caused.

In this talk I will report on a collaborative work with HP research lab in creating an infrastructure for using Introspection to detect symptoms of malicious behaviour. We propose the use of Mini-OS, a virtualised operating system that uses minimal resources on the Xen virtualisation platform, for analysing the memory space of other guest virtual machines. We produce detectors which we call Forensic Virtual Machines (FVMs). They are lightweight and hence computationally cheap to run, and use secure multicast to communicate and share information. Such a small footprint allows the physical host to run numerous instances to find symptoms of malicious behaviour whilst potentially limiting attack vectors. We also describe our experience of developing FVMs and how they can be used to complement existing methods to combat malware.

This talk is part of the Computer Security Seminars series.

Talks@bham, University of Birmingham.