Virtualization-based security monitoring

Abstract

In recent years, virtualization technology has become a new trend in computer architecture, and it provides a solution for security monitoring. Because the virtual machine monitor has the highest privilege and a smaller trusted computing base, security tools deployed in an isolated virtual machine can inspect the target virtual machine with the help of the virtual machine monitor. This approach can enhance the effectiveness of security tools and their resistance to attack. In terms of implementation technology, existing research can be classified into internal monitoring and external monitoring. This paper introduces related work on virtualization-based monitoring in detail, organized by monitoring target, such as intrusion detection, honeypots, file integrity monitoring, malware detection and analysis, security monitoring architecture, and the generality of monitoring. Finally, this paper summarizes the shortcomings of existing work and presents future research directions. It is significant for virtualization research and security monitoring research. ©2012 ISCAS.

Xiang, G. F., Jin, H., Zou, D. Q., & Chen, X. G. (2012). Virtualization-based security monitoring. Ruan Jian Xue Bao/Journal of Software, 23(8), 2173–2187. https://doi.org/10.3724/SP.J.1001.2012.04219
