Abstract
Traditional security framework in cloud platform usually brings self-vulnerability and considerable additional resource consumption. To solve these problems, we propose an external processes monitoring architecture for current popular cloud platform OpenStack with kernel-based virtual machine (KVM). With this architecture, we can monitor all active processes in online virtual machine (VMs) and scan them for their potential maliciousness in OpenStack with no agent, and can also detect hidden processes in offline VMs’ memory snapshots and notice the user to decide whether to kill them when VMs become active. Analysis and experimental results show that our architecture is able to reduce consumption of CPU, memory and bandwidth in cloud platform and can detect viruses and hidden processes effectively in VMs.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Lombardi F, Di Pietro F. Secure virtualization for cloud computing [J]. Journal of Network and Computer Applications, 2011, 34(4):1113–1122.
Feng D G, Zhang M, Zhang Y, et al. Study on cloud computing security [J]. Journal of Software, 2011,22(1): 71–83(Ch).
Trend Micro. Security issues facing in virtualization [EB/OL]. [2015-12-05]. http: //www.trendmicro.com.cn/cloudsecurity /12risks.html.
Xiang G F, Jin H, Zou D Q, et al. Virtualization-based security monitoring [J]. Journal of Software, 2012, 23(8): 2173–2187 (Ch).
Dunlap G W, King S T, Cinar S, et al. Revirt:Enablingintrusion analysis through virtual-machine logging and replay [J]. ACM SIGOPS Operating Systems Review, 2002, 36(SI): 211–224.
Wen X, Gu G, Li Q, et al. Comparison of opensource cloud management platforms:Openstack and opennebula [C] // Fuzzy Systems and Knowledge Discovery (FSKD). San Jose: IEEE Press, 2012:2457–2461.
Intel(r) Corporation. Intel(r) 64 and IA-32 Auchitectures Software Developer’s Manuals [M]. New York: ACM Press, 2011.
Kojm T, Cathey M. Clamav antivirus [EB/OL]. [2015-12-5]. http: // www.clamav.net.
Li Z Y, Xian M. Analysis of PE file format [J]. Computer Knowledge and Technology, 2009,5(9): 2379–2381(Ch).
Cui J S. Method for establishing VNC(Virtual Network computing) Covert Channel between Cloud Management Platform and Virtual Machine Terminal User [P]. CN: 1033128144A, 2013-9-18(Ch).
Author information
Authors and Affiliations
Corresponding author
Additional information
Foundation item: Supported by the National Natural Science Foundation of China (61170026)
Rights and permissions
About this article
Cite this article
Cui, J., Liao, K., Tian, C. et al. A less resource-consumed security architecture on cloud platform. Wuhan Univ. J. Nat. Sci. 21, 407–414 (2016). https://doi.org/10.1007/s11859-016-1188-z
Received:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11859-016-1188-z