
Building a Distributed System for Live Virtual Machine Introspection

9 pages. Published: November 24, 2022

Abstract

The introspection of virtual machines is an important aspect of protecting against the threat of malware that can hide from traditional automated malware-detection systems. A distributed system for live virtual machine introspection is presented utilizing the Xen Project hypervisor and LibVMI for introspection. The system incorporates the importing of VMs through the OVF specification, VM management through libvirt, and the streaming of various kernel data structures and system calls into data stores with no delay between introspection and storage.

Keyphrases: data streaming, distributed systems, hypervisor, introspection, virtual machine

In: Yan Shi, Gongzhu Hu, Krishna Kambhampaty and Takaaki Goto (editors). Proceedings of 35th International Conference on Computer Applications in Industry and Engineering, vol 89, pages 72-80.

BibTeX entry
@inproceedings{CAINE2022:Building_Distributed_System_Live,
  author    = {Steven Valle and Nagarajan Prabakar and Himanshu Upadhyay},
  title     = {Building a Distributed System for Live Virtual Machine Introspection},
  booktitle = {Proceedings of 35th International Conference on Computer Applications in Industry and Engineering},
  editor    = {Yan Shi and Gongzhu Hu and Krishna Kambhampaty and Takaaki Goto},
  series    = {EPiC Series in Computing},
  volume    = {89},
  publisher = {EasyChair},
  bibsource = {EasyChair, https://easychair.org},
  issn      = {2398-7340},
  url       = {/publications/paper/jXzX},
  doi       = {10.29007/p9fm},
  pages     = {72-80},
  year      = {2022}}