A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit <a rel="external noopener" href="http://zestrad2.web.engr.illinois.edu/papers/hypertap.pdf">the original URL</a>. The file type is <code>application/pdf</code>.
<a target="_blank" rel="noopener" href="https://fatcat.wiki/container/64vpoz5fx5azda553iibjuf7h4" style="color: black;">2014 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks</a>
This paper presents a solution that simultaneously addresses both reliability and security (RnS) in a monitoring framework. We identify the commonalities between reliability and security to guide the design of HyperTap, a hypervisor-level framework that efficiently supports both types of monitoring in virtualization environments. In HyperTap, the logging of system events and states is common across monitors and constitutes the core of the framework. The audit phase of each monitor is<span class="external-identifiers"> <a target="_blank" rel="external noopener noreferrer" href="https://doi.org/10.1109/dsn.2014.19">doi:10.1109/dsn.2014.19</a> <a target="_blank" rel="external noopener" href="https://dblp.org/rec/conf/dsn/PhamECKI14.html">dblp:conf/dsn/PhamECKI14</a> <a target="_blank" rel="external noopener" href="https://fatcat.wiki/release/x7cnh76obzcepawy3bl4fgh4zi">fatcat:x7cnh76obzcepawy3bl4fgh4zi</a> </span>
more »... and operated independently. In addition, HyperTap relies on hardware invariants to provide a strongly isolated root of trust. HyperTap uses active monitoring, which can be adapted to enforce a wide spectrum of RnS policies. We validate Hy-perTap by introducing three example monitors: Guest OS Hang Detection (GOSHD), Hidden RootKit Detection (HRKD), and Privilege Escalation Detection (PED). Our experiments with fault injection and real rootkits/exploits demonstrate that HyperTap provides robust monitoring with low performance overhead.
<a target="_blank" rel="noopener" href="https://web.archive.org/web/20170810203859/http://zestrad2.web.engr.illinois.edu/papers/hypertap.pdf" title="fulltext PDF download" data-goatcounter-click="serp-fulltext" data-goatcounter-title="serp-fulltext"> <button class="ui simple right pointing dropdown compact black labeled icon button serp-button"> <i class="icon ia-icon"></i> Web Archive [PDF] <div class="menu fulltext-thumbnail"> <img src="https://blobs.fatcat.wiki/thumbnail/pdf/9d/f5/9df577f0e884db39bff445b58757e6a3f42ca1b5.180px.jpg" alt="fulltext thumbnail" loading="lazy"> </div> </button> </a> <a target="_blank" rel="external noopener noreferrer" href="https://doi.org/10.1109/dsn.2014.19"> <button class="ui left aligned compact blue labeled icon button serp-button"> <i class="external alternate icon"></i> ieee.com </button> </a>