Publication Type

Conference Proceeding Article

Version

acceptedVersion

Publication Date

6-2023

Abstract

A guest virtual machine in a cloud platform may fall “sick” when its kernel encounters a fatal low-level bug or is subverted by an adversary. The VM owner is hence likely to lose her control over it due to a kernel hang or being denied of remote accesses. While the VM can be rebooted with the assistance from the cloud server, the owner not only faces service disruption but also is left with no opportunity to make an in-depth diagnosis and forensics on the spot, not to mention a live rectification. Currently, the cloud service provider has neither incentive nor the technology to assist owners to resuscitate their falling VMs. In this paper, we propose a new cloud service termed VMCare-As-A-Service (VaaS) with the vision that the owner of a sick VM applies her tools running on a special VM to repair it. VaaS demands innovative cloud technologies for the unique infrastructure support as well as new software security techniques for attacks neutralization and runtime rectification upon a running and corrupted kernel. We examine the ensuing research challenges and present several preliminary approaches to kindle the interests from the community.

Keywords

Cloud computing, Runtime, Forensics, Maintenance engineering, Virtual machining, Software, Servers

Discipline

Information Security

Research Areas

Cybersecurity

Publication

2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks: Supplemental Volume (DSN-S): Porto, June 27-30: Proceedings

First Page

89

Last Page

93

ISBN

9798350325454

Identifier

10.1109/DSN-S58398.2023.00030

Publisher

IEEE Computer Society

City or Country

Los Alamitos, CA

Additional URL

https://doi.org/10.1109/DSN-S58398.2023.00030

Download

Share

COinS