虚拟化前沿技术

(转自)http://www.yl.is.s.u-tokyo.ac.jp/~koichi/others/virtualization.html

2010

•  
  • HyperSafe: A Lightweight Approach to Provide Lifetime Hypervisor Control-Flow Integrity
    Z. Wang and X. Jiang
    North Carolina State University
• The 5th European Conference on Computer Systems

• [Secure Systems]

  ---

•  
  • NOVA: A MicrohypervisorBased Secure Virtualization Architecture
    U. Steinberg and B. Kauer
    TU Dresden
• The 5th European Conference on Computer Systems

• [Kernel]

  ---

•  
  • Capability Wrangling Made Easy: Debugging on a Microkernel with Valgrind
    A. Pohle, B. Döbel, M. Roitzsch, H. Härtig
    Technische Universität Dresden
    
    
  • Multi-Stage Replay with Crosscut
    J. Chow (*), D. Lucchetti (*), T. Garfinkel (*), G. Lefebvre (*), R. Gardner (*), J. Mason (*), S. Small (*), and P. Chen (**)
    * VMware, Inc, ** University of Michigan
    
    
  • Optimizing Crash Dump in Virtualized Environments
    Y. Huang, H. Chen, and B. Zang
    Fudan University
    
    
  • AASH: An Asymmetry-Aware Scheduler for Hypervisors
    V. Kazempour, A. Kamali, and A. Fedorova
    Simon Fraser University
    
    
  • Supporting Soft Real-Time Tasks in the Xen Hypervisor
    M. Lee (*), A. Krishnakumar (**), P. Krishnan (**), N. Singh (**), and S. Yajnik (**)
    * Georgia Institute of Technology, ** Avaya Laboratories
    
    
• The 2010 ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments

• [Debugging and Reply]

  [Hypervisor Scheduling]

---

2009

•  
  • MAVMM: A Lightweight and Purpose-Built VMM for Malware Analysis
    A. Nguyen (*), N. Schear (*), H. Jung (*), A. Godiyal (*), S. King (*), and H. Nguyen (**)
    * University of Illinois at Urbana Champaign, ** Hanoi University of Technology
  • Protecting Kernel Code and Data with a Virtualization-Aware Collaborative Operating System
    D. Oliveira and S. Wu
    UC Davis
  • HIMA: A Hypervisor-Based Integrity Measurement Agent
    A. Azab (*), P. Ning (*), E. Sezer (*), and X. Zhang (**)
    * NC State University, ** IBM TJ Watson Research Lab
• The 20009 Annual Computer Security Applications Conference Symposium

• [Virtualization Security]

  ---

•  
  • Secure In-VM Monitoring Using Hardware Virtualization
    M. Sharif (*), W. Lee (*), W. Cui (**), and A. Lanzi (***)
    * Georgia Institute of Technology, ** Microsoft Research, *** Institute Eurecom
    
    
  • Countering Kernel Rootkits with Lightweight Hook Protection
    Z. Wang (*), X. Jiang (*), W. Cui (**), and P. Ning (*)
    * NC State University, ** Microsoft Research
    
    
• The 16th ACM Conference on Computer and Communications Security

• [Designing Security Systems]

  [System Security]

  ---

•  
  • Lares: An Architecture for Secure Active Monitoring Using Virtualization
    B. Payne, M. Carbone, M. Sharif, and W. Lee
    Georgia Institute of Technology
  • SnowFlock: Rapid Virtual Machine Cloning for Cloud Computing
    H. Lagar-Cavilla (*), J. Whitney (*), A. Scannell (*), P. Patchin (*), S. Rumble (*), E. Lara (*), M. Brudno (*), and M. Satyanarayaman (**)
    * University of Toronto, ** Carnegie Mellon University
  • Automated Control of Multiple Virtualized Resources
    P. Padara, K. Hou, K. Shin, X. Zhu, M. Uysal, Z. Wang, S. Singhal, and A. Merchant
    HP Laboratories
  • Transparent Checkpoints of Closed Distributed Systems in Emulab
    A. Burtsev (*), P. Radhakrishnan (**), M. Hibler (*), and J Lepreau (*)
    * University of Utah, ** NetApp
  • Multi-Aspect Profiling of Kernel Rootkit Behavior
    R. Riley (*), X. Jiang (**), D. Xu (*)
    * Purdue University, ** North Carolina State University
  • TwinDrivers: Semi-Automatic Derivation of Fast and Safe Hypervisor Network Drivers from Guest OS Drivers
    A. Menon, S. Schubert, and W. Zwaenepoel
    Ecole Polytechnique Federale de Lausanne
  • Architectural Support for Shadow Memory in Multiprocessors
    V. Nagarajan and R. Gupta
    University of California
  • Dynamic Memory Balancing for Virtual Machines
    W. Zhao (*) and Z. Wang (**)
    * Michigan Technological University, ** Peking University
  • Post-Copy Based Live Virtual Machine Migration Using Adaptive Pre-Paging and Dynamic Self-Ballooning
    M. Hines and K. Gopalan
    Binghamton University (State University of New York)
  • BitVisor: A Thin Hypervisor for Enforcing I/O Device Security
    T. Shinagawa et al.
    University of Tsukuba
  • ClientVisor: Leverage COTS OS Functionalities for Power Management in Virtualized Desktop Environment
    H. Chen (*), H. Jin (*), Z. Shao (*), K. Yu (**), and K. Tian (**)
    * Huazhong University of Science and Technology, ** Intel Corporation
  • K-Tracer: A System for Extracting Kernel Malware Behavior
    A. Lanzi (*,**), M. Sharif (*), and W. Lee (*)
    * Georgia Institute of Technology, ** Universita degli Studi di Milano
• The 2009 IEEE Symposium on Security and Privacy

• [Defenses]

  ---

• The 4th European Conference on Computer Systems

• [Cloud Computing]

  [Real, Running Systems]

  [Defending against Bad Things]

  ---

• The 14th International Conference on Architectural Support for Programming Languages and Operating Systems

• [Managed Systems]

  ---

• The 2009 ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments

• [Memory Management]

  [Migration in the Data Center]

  [Visors]

  ---

• The 16th Annual Network and Distributed System Security Symposium

• [Malware]

---

2008

•  
  • Soft-Timer Driven Transient Kernel Control Flow Attacks and Defense
    J. Wei, B. Payne, J. Giffin, and C. Pu
    Georgia Institute of Technology
• The 2008 Annual Computer Security Applications Conference

• [Kernel-level Defensive Techniques]

  ---

•  
  • Difference Engine: Harnessing Memory Redundancy in Virtual Machines
    D. Gupta (*), S. Lee (**), M. Vrable (*), S. Savage (*), A. Snoeren (*), G. Varghese (*), G. Voelker (*), and A. Vahdat (*)
    * University of California, ** University of Texas at Austin
• The 8th USENIX Symposium on Operating Systems Design and Implementation

• [Various Good Things]

  ---

•  
  • Ether: Malware Analysis via Hardware Virtualization Extensions
    A. Dinaburg, P. Royal, M. Sharif, and W. Lee
    Georgia Institute of Technology, Damballa, Inc.
    
    
• The 15th ACM Conference on Computer and Communications Security

• [Software Security 1]

  ---

•  
  • Remus: High Availability via Asynchronous Virtual Machine Replication
    B. Cully (*), G. Lefebvre (*), D. Meyer (*), M. Feeley (*), N. Hutchinson (*), and A. Warfield (*,**)
    * University of British Columbia, ** Citrix Systems, Inc
• The 5th USENIX Symposium on Networked Systems Design and Implementation

• [Fault Tolerance]

  ---

•  
  • Hypervisor Support for Identifying Covertly Executing Binaries
    L. Litty, H. Lagar-Cavilla, and D. Lie
    University of Toronto
• The 17th USENIX Security Symposium

• [Systems Security]

  ---

•  
  • Towards Application Security on Untrusted Operating Systems
    D. Ports (*,**) and T. Garfinkel (**)
    * MIT CSAIL, ** VMware, Inc
• The 3rd USENIX Workshop on Hot Topics in Security

• [Security Systems]

  ---

•  
  • Decoupling Dynamic Program Analysis from Execution in Virtual Environments
    J. Chow, T. Garfinkel, and P. Chen
    VMware
    
    

  • FlexVol: Flexible, Efficient File Volume Virtualization in WAFL

    J. Edwards, D. Ellard, C. Everhart, R. Fair, E. Hamilton, A. Kahn, A. Kanevsky, J. Lentini, A. Parakash, K. Smith, and E. Zayas
    NetApp, Inc.
    
    

  • Vx32: Lightweight User-level Sandboxing on the x86

    B. Ford and R. Cox
    Massachusetts Institute of Technology
• The 2008 USENIX Annual technical Conference

• [Virtualization]

  [File and Storage Systems] [Security and Bugs]

  ---

•  
  • Guest-Transparent Prevention of Kernel Rootkits with VMM-based Memory Shadowing
    R. Riley (*), X. Jiang (*), D. Xu (*)
    * Purdue University, ** North Carolina State University
• The 11th International Symposium on Recent Advances in Intrusion Detection

• [Rootkit Prevention]

  ---

•  
  • Using Hypervisor to Provide Data Secrecy for User Applications on a Per-Page Basis
    J. Yang and K. Shin
    University of Michigan
    Virtual Machine-Provided Context Sensitive Page Mappings
    N. Rosenblum, G. Cooksey and B. Miller
    University of Michigan
    VMM-based Hidden Process Detection and Identification using Lycosid
    S. Jones, A. Arpaci-Dusseau and R. Arpaci-Dusseau
    University of Wisconsin-Madison
  • Execution Replay for Multiprocessor Virtual Machines
    G. Dunlap (*), D. Lucchetti (*), M. Fetterman (**) and P. Chen (*)
    * University of Michigan, ** University of Cambridge
  • Improving Xen Security through Disaggregation
    D. Murray, G. Milos and S. Hand
    University of Cambridge
  • Overshadow: A Virtualization-Based Approach to Retrofitting Protection in Commodity Operating Systems
    X. Chen (*), T. Garfinkel (*), E. Lewis (*), P. Subrahmanyam (*), C. Waldspurger (*), D. Boneh (**), J. Dwoskin (***) and D. Port (****)
    * VMware, ** Stanford University, *** Princeton University, **** MIT
  • Parallax: Virtual Disks for Virtual Machines
    D. Meyer (*), G. Aggarwal (*), B. Cully (*), G. Lefebvre (*), M. Feeley (*), N. Hutchinson (*) and A. Warfield (*, **)
    * University of British Columbia, ** XenSource, Inc
  • VPFS: Building a Virtual Private File System with a Small Trusted Computing Base
    C. Weinhold and H. Hartig
    Technische Universitat Dresden
  • Application-Level Isolation and Recovery with Solitude
    S. Jain, F. Shafique, V. Djeric and A. Goel
    University of Toronto
• • The 2008 ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments

  [Security]

  [Management and Debugging]

  [System Architectures]

  ---

• The 13th International Conference on Architectural Support for Programming Languages and Operating Systems

• [Virtualization]

  ---

• The 3rd European Conference on Computer Systems

• [Distributed Systems]

  [File Systems]

---

2007

•  
  • Secure Isolation of Untrusted Legacy Application
    S. Potter, J. Nieh and M. Selsky
    Columbia University
• • The 21st Large Installation System Administration Conference

  [Virtualization]

  ---

•  
  • SecVisor: A Tiny Hypervisor to Provide Lifetime Kernel Code Integrity for Commodity OSes
    A. Seshadri, M. Luk, N. Qu and A. Perrig
    Carnegie Mellon University
• • The 21st ACM Symposium on Operating Systems Principles

  [Operating System Security]

  ---

•  
  • Nomad: Migrating OS-bypass Networks in Virtual Machines
    W. Huang (*), J. Liu (**), B. Abali (**), M. Koop (*) and D. Panda (*)
    * The Ohio State University, ** IBM T. J. Watson Research Center
    Live Wide-Area Migration of Virtual Machines including Local Persistent State
    R. Bradford, E. Kotsovinos, A. Feldmann and H. Schioberg
    Deutsche Telekom Laboratories
  • Execution Replay for Multiprocessor Virtual Machines
    G. Dunlap (*), D. Lucchetti (*), M. Fetterman (**) and P. Chen (*)
    * University of Michigan, ** University of Cambridge
• • The 2007 ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments

  [Live Migration]

  [Management and Debugging]

  ---

•  
  • Transparent Checkpoint-Restart of Multiple Processes on Commodity Operating Systems
    O. Laadan and J. Nieh
    Columbia University
• The 2007 USENIX Annual technical Conference

• [Kernels]

  ---

•  
  • Automated Detection of Persistent Kernel Control-Flow Attacks
    N. Petroni and M. Hicks
    University of Maryland
    
    Stealthy Malware Detection Through VM-Based ``Out-of-the-Box'' Semantics View Reconstruction
    X. Jiang (*), X. Wang (*) and D. Xu (**)
    * George Mason University, ** Purdue University
• The 14th ACM Conference on Computer and Communications Security

• [Operating Systems and Malware]

---

2006

•  
  • Virtualization Aware File Systems: Getting Beyond the Limitations of Virtual Disks
    B. Pfaff, T. Garfinkel and M. Rosenblum
    Stanford University
  • SubVirt: Implementing malware with virtual machines
    S. King and P. Chen
    University of Michigan
  • Antfarm: Tracking Processes in a Virtual Machine Environment
    S. Jones, A. Arpaci-Dusseau and R. Arpaci-Dusseau
    University of Wisconsin
    
    Optimizing Network Virtualization in Xen
    A. Menon (*), A. Cox (**) and W. Zwaenepoel
    * EPFL, ** Rice University
    
    High Performance VMM-Bypass I/O in Virtual Machines
    J. Liu (*), W. Huang (**), B. Abali (*) and D. Panda (**)
    * IBM T. J. Watson Research Center, ** The Ohio State University
  • Argos: an Emulator for Fingerprinting Zero-Day Attacks
    G. Portokalidis, A. Slowinska, and H. Bos
    Vrije Universiteit Amsterdam
  • Practical Taint-based Protection using Demand Emulation
    A. Ho (*), M. Fetterman (*, **), C. Clark (*), A. Warfield (*), and S. Hand (*)
    * University of Cambridge, ** Intel Research Cambridge
  • Using VMM-based Sensors to Monitor Honeypots
    K. Asrigo, L.. Litty and D. Lie
    University of Toronto

    A Feather-weight Virtual Machine for Windows Applications

    Y. Yu, F. Guo, S. Nanda, L. Lam and T. Chiueh
    Stony Brook University
• The 3rd USENIX Symposium on Network Systems Design and Implementation

• [File and Storage Systems]

  ---

• The 2006 IEEE Symposium on Security and Privacy

• [Attacks]

  ---

• The 2006 USENIX Annual technical Conference

• [Virtualization]

  ---

• The 1st European Conference on Computer Systems

• [Security and Protection]

   

  ---

  • The 2nd International Conference on Virtual Execution Environments

  [Security and Reliability]

•  
  • Splitting Interface: Making Trust Between Applications and Operating Systems Configurable
    R. Ta-Min, L. Litty and D. Lie
    University of Toronto
  • A Comparison of Software and Hardware Techniques for x86 Virtualization
    K. Adams, and O. Agesen
    VMware
• The 7th USENIX Symposium on Operating Systems Design and Implementation

• [Operating System Structure]

  ---

• The 12th International Conference on Architectural Support for Programming Languages and Operating Systems

• [Virtualization]

---

2005

•  
  • Live Migration of Virtual Machines
    C. Clark (*), K. Fraser (*), S. hand (*), J. Hansen (**),, E. Jul (**), C. Limpach (*), I. Pratt (*) and A. Warfield (*)
    * University of Cambridge, ** University of Copenhagen
  •  
    • cf. Plato: A Platform For Virtual Machine Services
      S. King, G. Dunlap and P. Chen
      University of Michigan
  • Detecting Past and Present Intrusions Through Vulnerability-Specific Predicates
    A Joshi, S. King, G. Dunlap and P. Chen
    University of Michigan
    
    
• The 2nd USENIX Symposium on Network Systems Design and Implementation

• [System Management and Configuration]

  ---

• The 20th ACM Symposium on Operating Systems Principles

• [History and Context]

---

2003

•  
  • Xen and the Art of Virtualization
    P. Barham (*), B. Dragovic (**), K. Fraser (**), S. Hand (**), T. Harris (**), A. Ho (**), R. Neugebauer (***), I. Pratt (**), and A. Warfield (**)
    * Microsoft Research, ** Stanford University, *** Intel Research
  • Implementing an Untrusted Operating System on Trusted Hardware
    D. Lie (*), C. Thekkath (**), and M. Horowitz (***)
    * University of Toronto, ** Microsoft Research, *** Stanford University
• • The 19th ACM Symposium on Operating Systems Principles

  [Virtual Machine Monitors]

  ---

•  
  • A Virtual Machine Introspection Based Architecture for Intrusion Detection
    T. Garfinkel and M. Rosenblum
    Stanford University
• The 10th Annual Network and Distributed System Security Symposium

• [Network Monitoring and Intrusion Detection]

---

2002

• The 5th Symposium on Operating Systems Design and Implementation

• [Virtual Machines]

  Revirt: Enabling Intrusion Analysis Through Virtual-Machine Logging and Replay

  G. Dunlap, S. King, S. Cinar, M. Basrai and P. Chen
  University of Michigan