Virtual Machine Introspection in Cloud Environment- A Security Perspective with Future Research Directions

Now-a-days enterprises/organizations are using cloud services for hosting the web applications and data because of the ease and cost-effectiveness in using the cloud services. However, security issues in virtualization impose several questions on the adoption of this technology and raise strong security concerns. The traditional security solutions may not be much effective in cloud computing environment. Instead, Introspection-based approaches such as Virtual Machine Introspection (VMI) are more useful to protect the virtualized environment. VMI approaches provide robust solutions in identifying the user and kernel-level processes-based attacks by positioning the security tool outside the Virtual Machine (VM). The successful implementation of these solutions is still challenging due to having heterogeneous design architectures of hypervisors. The main agenda of the talk will be to discuss the fundamentals of virtual machine introspection (VMI) and the applications of VMI in intrusion detection applications to protect cloud environment from stealthy attacks. Various tools, libraries and security frameworks will be discussed in detail. At the end, open research challenges will be described to give directions for future research.