Sciweavers

ACSAC
2009
IEEE

HIMA: A Hypervisor-Based Integrity Measurement Agent

14 years 6 months ago
HIMA: A Hypervisor-Based Integrity Measurement Agent
Abstract—Integrity measurement is a key issue in building trust in distributed systems. A good solution to integrity measurement has to provide both strong isolation between the measurement agent and the measurement target and Time of Check to Time of Use (TOCTTOU) consistency (i.e., the consistency between measured version and executed version throughout the lifetime of the target). Unfortunately, none of the previous approaches provide (or can be easily modified to provide) both capabilities. This paper presents HIMA, a hypervisor-based agent that measures the integrity of Virtual Machines (VMs) running on top of the hypervisor, which provides both capabilities identified above. HIMA performs two complementary tasks: (1) active monitoring of critical guest events and (2) guest memory protection. The former guarantees that the integrity measures are refreshed whenever the guest VM memory layout changes (e.g., upon creation of processes), while the latter ensures that integrity mea...
Ahmed M. Azab, Peng Ning, Emre Can Sezer, Xiaolan
Added 18 May 2010
Updated 18 May 2010
Type Conference
Year 2009
Where ACSAC
Authors Ahmed M. Azab, Peng Ning, Emre Can Sezer, Xiaolan Zhang
Comments (0)