{"title":"CloudImmu:云中的二进制应用程序的透明保护","authors":"Xinyuan Wang","doi":"10.1109/MILCOM52596.2021.9653063","DOIUrl":null,"url":null,"abstract":"As more organizations are moving their IT infrastructures from on-premises to the cloud, cloud security breaches have just surpassed on-premises breaches. There is a pressing need to develop practical and deployable cyber defense capabilities to protect the enormous amount of potentially vulnerable binary applications in the cloud from previously unseen cyberattacks. In this paper, we present CloudImmu, a practical cloud cyber defense system that is built upon a novel combination of binary rewriting and instrumentation techniques, virtual machine introspection and hypervisor level anomaly detection techniques. Our immunization tool has successfully “immunized” large real world binary applications such as bash, Snort, and our experiments with real world exploits have shown that CloudImmu can detect and block cyberattacks on properly immunized, otherwise vulnerable binary applications in virtual machines in real-time without using any prior knowledge of the attacks. Our benchmark experiments show that CloudImmu incurs less than 1.06% overall run-time performance overhead on typical applications with typical workloads.","PeriodicalId":187645,"journal":{"name":"MILCOM 2021 - 2021 IEEE Military Communications Conference (MILCOM)","volume":"154 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-11-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"CloudImmu: Transparent Protection of Binary Applications in the Cloud\",\"authors\":\"Xinyuan Wang\",\"doi\":\"10.1109/MILCOM52596.2021.9653063\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"As more organizations are moving their IT infrastructures from on-premises to the cloud, cloud security breaches have just surpassed on-premises breaches. There is a pressing need to develop practical and deployable cyber defense capabilities to protect the enormous amount of potentially vulnerable binary applications in the cloud from previously unseen cyberattacks. In this paper, we present CloudImmu, a practical cloud cyber defense system that is built upon a novel combination of binary rewriting and instrumentation techniques, virtual machine introspection and hypervisor level anomaly detection techniques. Our immunization tool has successfully “immunized” large real world binary applications such as bash, Snort, and our experiments with real world exploits have shown that CloudImmu can detect and block cyberattacks on properly immunized, otherwise vulnerable binary applications in virtual machines in real-time without using any prior knowledge of the attacks. Our benchmark experiments show that CloudImmu incurs less than 1.06% overall run-time performance overhead on typical applications with typical workloads.\",\"PeriodicalId\":187645,\"journal\":{\"name\":\"MILCOM 2021 - 2021 IEEE Military Communications Conference (MILCOM)\",\"volume\":\"154 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-11-29\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"MILCOM 2021 - 2021 IEEE Military Communications Conference (MILCOM)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/MILCOM52596.2021.9653063\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"MILCOM 2021 - 2021 IEEE Military Communications Conference (MILCOM)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/MILCOM52596.2021.9653063","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
CloudImmu: Transparent Protection of Binary Applications in the Cloud
As more organizations are moving their IT infrastructures from on-premises to the cloud, cloud security breaches have just surpassed on-premises breaches. There is a pressing need to develop practical and deployable cyber defense capabilities to protect the enormous amount of potentially vulnerable binary applications in the cloud from previously unseen cyberattacks. In this paper, we present CloudImmu, a practical cloud cyber defense system that is built upon a novel combination of binary rewriting and instrumentation techniques, virtual machine introspection and hypervisor level anomaly detection techniques. Our immunization tool has successfully “immunized” large real world binary applications such as bash, Snort, and our experiments with real world exploits have shown that CloudImmu can detect and block cyberattacks on properly immunized, otherwise vulnerable binary applications in virtual machines in real-time without using any prior knowledge of the attacks. Our benchmark experiments show that CloudImmu incurs less than 1.06% overall run-time performance overhead on typical applications with typical workloads.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
