Real-time Auditing of the Runtime Environment for Cloud Computing Platforms

Gwan Hwan Hwang; Kun Yih Huang; Bo Siang Liao; Yi Ling Yuan; Hung Fu Chen

doi:10.6688/JISE.201903_35(2).0005

Real-time Auditing of the Runtime Environment for Cloud Computing Platforms

Gwan Hwan Hwang, Kun Yih Huang, Bo Siang Liao, Yi Ling Yuan, Hung Fu Chen

Department of Computer Science and Information Engineering

Research output: Contribution to journal › Article › peer-review

Abstract

In this paper we show how to perform efficient auditing of the runtime environment for virtual machines in public cloud systems or standalone computer systems. The goal is to perform real-time integrity checking of executable codes and library files that will be dynamically linked before an application is launched. Auditing these binary files according to their hash values stored in a local machine is deficient because malware or viruses infecting those files can simultaneously alter their corresponding hash values. We propose an effective scheme to perform real-time auditing of such binary files. First, a status code that represents the current status of all executable codes and library files in the runtime environment and comprises only 32 bytes is downloaded from a trusted remote computer. Second, a full binary hash tree is used to perform efficient auditing of files that will be executed and linked by an application according to the downloaded status code. Finally, this application can then be launched safely. We used a real operating system to evaluate the performance of the proposed scheme, and the obtained experimental results demonstrated its feasibility.

Original language	English
Pages (from-to)	323-339
Number of pages	17
Journal	Journal of Information Science and Engineering
Volume	35
Issue number	2
DOIs	https://doi.org/10.6688/JISE.201903_35(2).0005
Publication status	Published - 2019 Mar

Keywords

Cloud auditing
Malware
Proof-of-violation
Runtime-environment auditing
Virus

ASJC Scopus subject areas

Software
Human-Computer Interaction
Hardware and Architecture
Library and Information Sciences
Computational Theory and Mathematics

Access to Document

10.6688/JISE.201903_35(2).0005

Fingerprint Dive into the research topics of 'Real-time Auditing of the Runtime Environment for Cloud Computing Platforms'. Together they form a unique fingerprint.

Cite this

@article{ee141507a0a646569340e8039844f48d,

title = "Real-time Auditing of the Runtime Environment for Cloud Computing Platforms",

abstract = "In this paper we show how to perform efficient auditing of the runtime environment for virtual machines in public cloud systems or standalone computer systems. The goal is to perform real-time integrity checking of executable codes and library files that will be dynamically linked before an application is launched. Auditing these binary files according to their hash values stored in a local machine is deficient because malware or viruses infecting those files can simultaneously alter their corresponding hash values. We propose an effective scheme to perform real-time auditing of such binary files. First, a status code that represents the current status of all executable codes and library files in the runtime environment and comprises only 32 bytes is downloaded from a trusted remote computer. Second, a full binary hash tree is used to perform efficient auditing of files that will be executed and linked by an application according to the downloaded status code. Finally, this application can then be launched safely. We used a real operating system to evaluate the performance of the proposed scheme, and the obtained experimental results demonstrated its feasibility.",

keywords = "Cloud auditing, Malware, Proof-of-violation, Runtime-environment auditing, Virus",

author = "Hwang, {Gwan Hwan} and Huang, {Kun Yih} and Liao, {Bo Siang} and Yuan, {Yi Ling} and Chen, {Hung Fu}",

year = "2019",

month = mar,

doi = "10.6688/JISE.201903_35(2).0005",

language = "English",

volume = "35",

pages = "323--339",

journal = "Journal of Information Science and Engineering",

issn = "1016-2364",

publisher = "Institute of Information Science",

number = "2",

}

TY - JOUR

T1 - Real-time Auditing of the Runtime Environment for Cloud Computing Platforms

AU - Hwang, Gwan Hwan

AU - Huang, Kun Yih

AU - Liao, Bo Siang

AU - Yuan, Yi Ling

AU - Chen, Hung Fu

PY - 2019/3

Y1 - 2019/3

N2 - In this paper we show how to perform efficient auditing of the runtime environment for virtual machines in public cloud systems or standalone computer systems. The goal is to perform real-time integrity checking of executable codes and library files that will be dynamically linked before an application is launched. Auditing these binary files according to their hash values stored in a local machine is deficient because malware or viruses infecting those files can simultaneously alter their corresponding hash values. We propose an effective scheme to perform real-time auditing of such binary files. First, a status code that represents the current status of all executable codes and library files in the runtime environment and comprises only 32 bytes is downloaded from a trusted remote computer. Second, a full binary hash tree is used to perform efficient auditing of files that will be executed and linked by an application according to the downloaded status code. Finally, this application can then be launched safely. We used a real operating system to evaluate the performance of the proposed scheme, and the obtained experimental results demonstrated its feasibility.

AB - In this paper we show how to perform efficient auditing of the runtime environment for virtual machines in public cloud systems or standalone computer systems. The goal is to perform real-time integrity checking of executable codes and library files that will be dynamically linked before an application is launched. Auditing these binary files according to their hash values stored in a local machine is deficient because malware or viruses infecting those files can simultaneously alter their corresponding hash values. We propose an effective scheme to perform real-time auditing of such binary files. First, a status code that represents the current status of all executable codes and library files in the runtime environment and comprises only 32 bytes is downloaded from a trusted remote computer. Second, a full binary hash tree is used to perform efficient auditing of files that will be executed and linked by an application according to the downloaded status code. Finally, this application can then be launched safely. We used a real operating system to evaluate the performance of the proposed scheme, and the obtained experimental results demonstrated its feasibility.

KW - Cloud auditing

KW - Malware

KW - Proof-of-violation

KW - Runtime-environment auditing

KW - Virus

UR - http://www.scopus.com/inward/record.url?scp=85063935407&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85063935407&partnerID=8YFLogxK

U2 - 10.6688/JISE.201903_35(2).0005

DO - 10.6688/JISE.201903_35(2).0005

M3 - Article

AN - SCOPUS:85063935407

VL - 35

SP - 323

EP - 339

JO - Journal of Information Science and Engineering

JF - Journal of Information Science and Engineering

SN - 1016-2364

IS - 2

ER -