DocumentCode :
2644558
Title :
Aquarius: A Tiny Hypervisor to Introspect Commodity OSes in a Non-bypassable Way
Author :
Wen, Yan ; Zhao, Jinjing ; Huang, Minhuan ; Chen, Hua
Author_Institution :
Beijing Inst. of Syst. Eng., Beijing, China
fYear :
2011
fDate :
June 30 2011-July 2 2011
Firstpage :
403
Lastpage :
407
Abstract :
In this paper, we propose a novel tiny hardware assisted hypervisor, called Aquarius, to introspect the commodity OSes in a non-bypassable way. Compared to previous hypervisor-based approaches, Aquarius offers three distinct advantages: preinstalled commodity OS compatibility, implicit introspection of OS resources (e.g., memory, I/O device accesses, processes, files, network connections) and non-bypassable information exposing interface. Unlike typical hypervisors, Aquarius can migrate a preinstalled OS onto it. By tracking the low-level interactions between the OS and the hardware, Aquarius is decoupled with the explicit OS implementation information which it is subvertable for the privileged malware. Our functionality evaluation shows Aquarius can accurately reconstruct the OS resources at hypervisor layer while the performance evaluation shows desktop-oriented workloads achieve 92.68% of native speed on average.
Keywords :
invasive software; operating system kernels; virtualisation; Aquarius; OS compatibility; OS resources; commodity OSes; hardware assisted hypervisor; malware; nonbypassable information; Hardware; Kernel; Malware; Program processors; Virtual machine monitors; OS introspection; hardware-assisted hypervisor;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), 2011 Fifth International Conference on
Conference_Location :
Seoul
Print_ISBN :
978-1-61284-733-7
Electronic_ISBN :
978-0-7695-4372-7
Type :
conf
DOI :
10.1109/IMIS.2011.39
Filename :
5976246
Link To Document :
بازگشت