Cited By
View all- Bushouse MReeves DZhao ZAhn GKrishnan RGhinita G(2018)HyperagentsProceedings of the Eighth ACM Conference on Data and Application Security and Privacy10.1145/3176258.3176317(212-223)Online publication date: 13-Mar-2018
Efficient VM Introspection in KVM and Performance Comparison with Xen
Pages 192 - 202
Abstract
Intrusion detection system (IDS) offloading is useful for securely executing IDSes. It runs a target system in a virtual machine (VM) and enables IDSes to monitor the VM from the outside using VM introspection. Although VM introspection is well studied, its performance has not been reported in detail. The performance becomes important when users choose virtualization software, e.g., Xen and KVM. However, the performance comparison is difficult because there is no efficient implementation of VM introspection in KVM. In this paper, we first propose KVMonitor for efficient VM introspection in KVM. Using KVMonitor, we have ported Transcall for offloading legacy IDSes. For memory introspection, KVMonitor was 32 times faster than the existing LibVMI. Then we present performance comparison between Xen and KVM on VM introspection. The experimental results showed that checking the kernel memory with KVMonitor was 118 times faster than that in Xen. Even for legacy chkrootkit, the execution time with KVMonitor was 63% shorter than that in Xen.
Index Terms
- Efficient VM Introspection in KVM and Performance Comparison with Xen
Index terms have been assigned to the content through auto-classification.
Recommendations
Virtual Machine Introspection based Cloud Monitoring Platform
CompSysTech '18: Proceedings of the 19th International Conference on Computer Systems and TechnologiesVirtual Machine Introspection (VMI) is an emerging family of techniques for extracting data from virtual machines without the use of active monitoring probes within the target machines themselves. In VMI based systems, the data is collected at the ...
Virtual Machine Introspection
SIN '14: Proceedings of the 7th International Conference on Security of Information and NetworksDue to exposure to the Internet, virtual machines (VMs) as forms of delivering virtualized infrastructures and resources represent a first point-of-target for security attackers who want to gain access into the virtualization environment. In-VM ...
Performance Evaluation of Xen, KVM, and Proxmox Hypervisors
Hardware virtualization plays a major role in IT infrastructure optimization in private data centers and public cloud platforms. Though there are many advancements in CPU architecture and hypervisors recently, but overhead still exists as there is a ...
Comments
Information & Contributors
Information
Published In
November 2014
255 pages
ISBN:9781479964741
Publisher
IEEE Computer Society
United States
Publication History
Published: 18 November 2014
Author Tags
Qualifiers
- Article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- View Citations1Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 27 Jul 2024
Other Metrics
Citations
Cited By
View all- Bushouse MReeves DZhao ZAhn GKrishnan RGhinita G(2018)HyperagentsProceedings of the Eighth ACM Conference on Data and Application Security and Privacy10.1145/3176258.3176317(212-223)Online publication date: 13-Mar-2018
View Options
View options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in