Abstract
In this paper we show how to perform efficient auditing of the runtime environment for virtual machines in public cloud systems or standalone computer systems. The goal is to perform real-time integrity checking of executable codes and library files that will be dynamically linked before an application is launched. Auditing these binary files according to their hash values stored in a local machine is deficient because malware or viruses infecting those files can simultaneously alter their corresponding hash values. We propose an effective scheme to perform real-time auditing of such binary files. First, a status code that represents the current status of all executable codes and library files in the runtime environment and comprises only 32 bytes is downloaded from a trusted remote computer. Second, a full binary hash tree is used to perform efficient auditing of files that will be executed and linked by an application according to the downloaded status code. Finally, this application can then be launched safely. We used a real operating system to evaluate the performance of the proposed scheme, and the obtained experimental results demonstrated its feasibility.
Original language | English |
---|---|
Pages (from-to) | 323-339 |
Number of pages | 17 |
Journal | Journal of Information Science and Engineering |
Volume | 35 |
Issue number | 2 |
DOIs | |
Publication status | Published - 2019 Mar 1 |
Fingerprint
Keywords
- Cloud auditing
- Malware
- Proof-of-violation
- Runtime-environment auditing
- Virus
ASJC Scopus subject areas
- Software
- Human-Computer Interaction
- Hardware and Architecture
- Library and Information Sciences
- Computational Theory and Mathematics
Cite this
Real-time Auditing of the Runtime Environment for Cloud Computing Platforms. / Hwang, Gwan-Hwan; Huang, Kun Yih; Liao, Bo Siang; Yuan, Yi Ling; Chen, Hung Fu.
In: Journal of Information Science and Engineering, Vol. 35, No. 2, 01.03.2019, p. 323-339.Research output: Contribution to journal › Article
}
TY - JOUR
T1 - Real-time Auditing of the Runtime Environment for Cloud Computing Platforms
AU - Hwang, Gwan-Hwan
AU - Huang, Kun Yih
AU - Liao, Bo Siang
AU - Yuan, Yi Ling
AU - Chen, Hung Fu
PY - 2019/3/1
Y1 - 2019/3/1
N2 - In this paper we show how to perform efficient auditing of the runtime environment for virtual machines in public cloud systems or standalone computer systems. The goal is to perform real-time integrity checking of executable codes and library files that will be dynamically linked before an application is launched. Auditing these binary files according to their hash values stored in a local machine is deficient because malware or viruses infecting those files can simultaneously alter their corresponding hash values. We propose an effective scheme to perform real-time auditing of such binary files. First, a status code that represents the current status of all executable codes and library files in the runtime environment and comprises only 32 bytes is downloaded from a trusted remote computer. Second, a full binary hash tree is used to perform efficient auditing of files that will be executed and linked by an application according to the downloaded status code. Finally, this application can then be launched safely. We used a real operating system to evaluate the performance of the proposed scheme, and the obtained experimental results demonstrated its feasibility.
AB - In this paper we show how to perform efficient auditing of the runtime environment for virtual machines in public cloud systems or standalone computer systems. The goal is to perform real-time integrity checking of executable codes and library files that will be dynamically linked before an application is launched. Auditing these binary files according to their hash values stored in a local machine is deficient because malware or viruses infecting those files can simultaneously alter their corresponding hash values. We propose an effective scheme to perform real-time auditing of such binary files. First, a status code that represents the current status of all executable codes and library files in the runtime environment and comprises only 32 bytes is downloaded from a trusted remote computer. Second, a full binary hash tree is used to perform efficient auditing of files that will be executed and linked by an application according to the downloaded status code. Finally, this application can then be launched safely. We used a real operating system to evaluate the performance of the proposed scheme, and the obtained experimental results demonstrated its feasibility.
KW - Cloud auditing
KW - Malware
KW - Proof-of-violation
KW - Runtime-environment auditing
KW - Virus
UR - http://www.scopus.com/inward/record.url?scp=85063935407&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85063935407&partnerID=8YFLogxK
U2 - 10.6688/JISE.201903_35(2).0005
DO - 10.6688/JISE.201903_35(2).0005
M3 - Article
AN - SCOPUS:85063935407
VL - 35
SP - 323
EP - 339
JO - Journal of Information Science and Engineering
JF - Journal of Information Science and Engineering
SN - 1016-2364
IS - 2
ER -