Abstract
The increasing amount of classified information currently being managed by personal computers has resulted in the leakage of such information to external computers, which is a major problem. To prevent such leakage, we previously proposed a function for tracing the diffusion of classified information in a guest operating system (OS) using a virtual machine monitor (VMM). The tracing function hooks a system call in the guest OS from the VMM, and acquiring the information. By analyzing the information on the VMM side, the tracing function makes it possible to notify the user of the diffusion of classified information. However, this function has a problem in that the administrator of the computer platform cannot grasp the transition of the diffusion of classified processes or file information. In this paper, we present the solution to this problem and report on its evaluation.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Fujii, S., Sato, M., Yamauchi, T., Taniguchi, H.: Evaluation and design of function for tracing diffusion of classified information for file operations with KVM. J. Supercomput. 72(5), 1841–1861 (2016). https://doi.org/10.1007/s11227-016-1671-5
Fujii, S., Sato, M., Yamauchi, T., Taniguchi, H.: Design of function for tracing diffusion of classified information for IPC on KVM. J. Inf. Process. 24(5), 781–792 (2016). https://doi.org/10.2197/ipsjjip.24.781
Moriyama, H., Yamauchi, T., Sato, M., Taniguchi, H.: Performance improvement and evaluation of function for tracing diffusion of classified information on KVM. In: 2017 Fifth International Symposium on Computing and Networking (CANDAR), pp. 463–468, November 2017. https://doi.org/10.1109/CANDAR.2017.91
Hizver, J., Chiueh, T.C.: Real-time deep virtual machine introspection and its applications. In: Proceedings of the 10th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, pp. 3–14 (2014)
Shi, J., Yang, Y., Tang, C.: Hardware assisted hypervisor introspection. SpringerPlus 5(647) (2016)
Zhan, D., Ye, L., Fang, B., et al.: Checking virtual machine kernel control-flow integrity using a page-level dynamic tracing approach. Soft. Comput. 22, 7977–7987 (2018)
Jia, L., Zhu, M., Tu, B.: T-VMI: trusted virtual machine introspection in cloud environments. In: Proceedings of 2017 17th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGRID), pp. 478–487 (2017)
Enck, W., et al.: TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. ACM Trans. Comput. Syst. 32(2), 1–29 (2014). (Article 5)
Ji, Y., et al.: RAIN: refinable attack investigation with on-demand inter-process information flow tracking. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (CCS 2017), pp. 377–390 (2017)
Acknowledgements
This work was partially supported by JSPS KAKENHI Grant Numbers 19H04109 and 19K20246.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Moriyama, H., Yamauchi, T., Sato, M., Taniguchi, H. (2021). Improvement and Evaluation of a Function for Tracing the Diffusion of Classified Information on KVM. In: Barolli, L., Li, K., Enokido, T., Takizawa, M. (eds) Advances in Networked-Based Information Systems. NBiS 2020. Advances in Intelligent Systems and Computing, vol 1264. Springer, Cham. https://doi.org/10.1007/978-3-030-57811-4_32
Download citation
DOI: https://doi.org/10.1007/978-3-030-57811-4_32
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-57810-7
Online ISBN: 978-3-030-57811-4
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)