TY - GEN
A1 - Sianipar, Johannes Harungguan
A1 - Sukmana, Muhammad Ihsan Haikal
A1 - Meinel, Christoph
T1 - Moving sensitive data against live memory dumping, spectre and meltdown attacks
T2 - 26th International Conference on Systems Engineering (ICSEng)
N2 - The emergence of cloud computing allows users to easily host their Virtual Machines with no up-front investment and the guarantee of being always available, anytime and anywhere. But with the Virtual Machine (VM) hosted outside of the user's premises, the user loses physical control of the VM, as it could be running on untrusted host machines in the cloud. A malicious host administrator could launch live memory dumping, Spectre, or Meltdown attacks in order to extract sensitive information from the VM's memory, e.g. passwords or cryptographic keys of applications running in the VM. In this paper, inspired by the moving target defense (MTD) scheme, we propose a novel approach to increase the security of an application's sensitive data in the VM by continuously moving the sensitive data among several memory allocations (blocks) in Random Access Memory (RAM). A movement function is added to the application source code so that it runs concurrently with the application's main function. Our approach could reduce the possibility of the VM's sensitive data in memory being leaked into a memory dump file by 2 5% and secure the sensitive data from Spectre and Meltdown attacks. Our approach's overhead depends on the number and the size of the sensitive data.
KW - Virtual Machine
KW - Memory Dumping
KW - Security
KW - Cloud Computing
KW - Spectre
KW - Meltdown
Y1 - 2019
SN - 978-1-5386-7834-3
PB - IEEE
CY - New York
ER -

TY - GEN
A1 - Sianipar, Johannes Harungguan
A1 - Willems, Christian
A1 - Meinel, Christoph
T1 - Virtual machine integrity verification in Crowd-Resourcing Virtual Laboratory
T2 - 2018 IEEE 11th Conference on Service-Oriented Computing and Applications (SOCA)
N2 - In cloud computing, users are able to use their own operating system (OS) image to run a virtual machine (VM) on a remote host. The virtual machine OS is started by the user using interfaces provided by a cloud provider in a public or private cloud. In a peer-to-peer cloud, the VM is started by the host admin. After the VM is running, the user could get remote access to the VM to install, configure, and run services. For security reasons, the user needs to verify the integrity of the running VM, because a malicious host admin could modify the image, or even replace the image with a similar image, to be able to get sensitive data from the VM. We propose an approach to verify the integrity of a running VM on a remote host without using any specific hardware such as a Trusted Platform Module (TPM). Our approach is implemented on a Linux platform, where the kernel files (vmlinuz and initrd) could be replaced with new files while the VM is running. kexec is used to reboot the VM with the new kernel files. The new kernel has secret codes that will be used to verify whether the VM was started using the new kernel files. The new kernel is used to further measure the integrity of the running VM.
KW - Virtual Machine
KW - Integrity Verification
KW - Crowd-Resourcing
KW - Cloud Computing
Y1 - 2019
SN - 978-1-5386-9133-5
U6 - https://doi.org/10.1109/SOCA.2018.00032
SN - 2163-2871
SP - 169
EP - 176
PB - IEEE
CY - New York
ER -