sponsors
usenix conference policies
DACSA: A Decoupled Architecture for Cloud Security Analysis
Jason Gionta, North Carolina State University; Ahmed Azab, Samsung Electronics Co., Ltd.; William Enck and Peng Ning, North Carolina State University; Xiaolan Zhang, Google Inc.
Monitoring virtual machine execution from the hypervisor provides new opportunities for evaluating cloud security. Unfortunately, traditional hypervisor based monitoring techniques tightly couple monitoring with internal VM operations and as a result 1) impose unacceptably high overhead to both guest and host environments and 2) do not scale. Towards addressing this problem, we present DACSA, a decoupled “Out-of-VM” cloud analysis architecture for cyber testing. DACSA leverages guest VMs that act as sensors to capture security centric information for analysis. Guest VMs and host environments incur minimal impact. We measure DACSA’s impact to VMs at 0-6% and host impact at 0-3% which is only incurred during state acquisition. As a result, DACSA can enable production environments as a testbed for security analysis.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
author = {Jason Gionta and Ahmed Azab and William Enck and Peng Ning and Xiaolan Zhang},
title = {{DACSA}: A Decoupled Architecture for Cloud Security Analysis},
booktitle = {7th Workshop on Cyber Security Experimentation and Test (CSET 14)},
year = {2014},
address = {San Diego, CA},
url = {https://www.usenix.org/conference/cset14/workshop-program/gionta},
publisher = {USENIX Association},
month = aug
}
connect with us