WEKO3
アイテム
Secure Offloading of Intrusion Detection Systems from VMs with Intel SGX
http://hdl.handle.net/10228/00008651
http://hdl.handle.net/10228/00008651b20e5011-3103-4e55-9271-9d0452b4c4fd
| 名前 / ファイル | ライセンス | アクション |
|---|---|---|
RECN_2021-15.pdf (142.8 kB)
|
|
| アイテムタイプ | 学術雑誌論文 = Journal Article(1) | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 公開日 | 2021-12-09 | |||||||||||||
| 資源タイプ | ||||||||||||||
| 資源タイプ識別子 | http://purl.org/coar/resource_type/c_6501 | |||||||||||||
| 資源タイプ | journal article | |||||||||||||
| タイトル | ||||||||||||||
| タイトル | Secure Offloading of Intrusion Detection Systems from VMs with Intel SGX | |||||||||||||
| 言語 | en | |||||||||||||
| 言語 | ||||||||||||||
| 言語 | eng | |||||||||||||
| 著者 |
Nakano, Tomoharu
× Nakano, Tomoharu× 光来, 健一
WEKO
20772
|
|||||||||||||
| 抄録 | ||||||||||||||
| 内容記述タイプ | Abstract | |||||||||||||
| 内容記述 | Virtual machines (VMs) inside clouds need to be monitored using intrusion detection systems (IDS). Since host-based IDS can be easily disabled by intruders, IDS offloading with VM introspection (VMI) is used to securely run IDS outside a target VM. However, offloaded IDS can be still attacked because it runs on top of a vulnerable operating system (OS). Various systems have been proposed to protect offloaded IDS, but no systems provide an appropriate execution environment to IDS. This paper proposes SGmonitor for enabling the secure execution of IDS offloaded from VMs inside clouds using Intel SGX. SGmonitor executes IDS in SGX enclaves and preserves confidentiality and integrity. It provides secure VMI for memory and storage by using encryption and integrity checking. To make the development of offloaded IDS easier, it provides the in-kernel API to in-enclave IDS and enables transparent access to OS data in VMs. We have implemented SGmonitor in Xen with SGX support and showed that the overhead of in-enclave IDS was 31% in compensation for much stronger security. | |||||||||||||
| 言語 | en | |||||||||||||
| 備考 | ||||||||||||||
| 内容記述タイプ | Other | |||||||||||||
| 内容記述 | 2021 IEEE 14th International Conference on Cloud Computing (CLOUD), September 5-10, 2021, Chicago, IL, USA | |||||||||||||
| 書誌情報 |
en : 2021 IEEE 14th International Conference on Cloud Computing (CLOUD) p. 297-303, 発行日 2021-11-13 |
|||||||||||||
| 出版社 | ||||||||||||||
| 出版者 | IEEE | |||||||||||||
| DOI | ||||||||||||||
| 関連タイプ | isVersionOf | |||||||||||||
| 識別子タイプ | DOI | |||||||||||||
| 関連識別子 | https://doi.org/10.1109/CLOUD53861.2021.00043 | |||||||||||||
| ISBN | ||||||||||||||
| 識別子タイプ | ISBN | |||||||||||||
| 関連識別子 | 978-1-6654-0060-2 | |||||||||||||
| ISSN | ||||||||||||||
| 収録物識別子タイプ | EISSN | |||||||||||||
| 収録物識別子 | 2159-6190 | |||||||||||||
| 著作権関連情報 | ||||||||||||||
| 権利情報 | Copyright (c) 2021 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. | |||||||||||||
| キーワード | ||||||||||||||
| 主題Scheme | Other | |||||||||||||
| 主題 | Intel SGX | |||||||||||||
| キーワード | ||||||||||||||
| 主題Scheme | Other | |||||||||||||
| 主題 | enclaves | |||||||||||||
| キーワード | ||||||||||||||
| 主題Scheme | Other | |||||||||||||
| 主題 | virtual machines | |||||||||||||
| キーワード | ||||||||||||||
| 主題Scheme | Other | |||||||||||||
| 主題 | intrusion detection systems | |||||||||||||
| キーワード | ||||||||||||||
| 主題Scheme | Other | |||||||||||||
| 主題 | VM introspection | |||||||||||||
| 出版タイプ | ||||||||||||||
| 出版タイプ | AM | |||||||||||||
| 出版タイプResource | http://purl.org/coar/version/c_ab4af688f83e57aa | |||||||||||||
| 査読の有無 | ||||||||||||||
| 値 | yes | |||||||||||||
| 連携ID | ||||||||||||||
| 値 | 9776 | |||||||||||||
