Reading PAGE

Peer Evaluation activity

Downloads 1
Views 3

Total impact ?

    Send a

    fabrizio has...

    Trusted 0
    Reviewed 0
    Emailed 0
    Shared/re-used 0
    Discussed 0
    Invited 0
    Collected 0

     

    This was brought to you by:

    block this user fabrizio baiardi Trusted member

    Professor

    Dipartimento di Informatica Università di Pisa

    Semantic Attestation of Node Integrity in Overlays

    Export to Mendeley

    Attestation of node integrity increases the security of overlay networks by detecting and removing nodes affected by malware. This is fundamental because in an overlay even a single node running some malware can greatly decrease the overlay security. Virtual Integrity Measurement System (VIMS) is a semantic attestation-based framework that determines whether a node can join an overlay according to both its configuration and its current behavior. VIMS fully exploits virtualization by running two virtual machines (VMs) on every overlay node: the Monitored VM (Mon-VM), which runs the overlay application, and the Assurance VM (A-VM), which checks the integrity of the Mon-VM. Before a node is allowed to join an overlay, some overlay nodes interact with the node A-VM to attest the integrity of the applications and of the OS of the node Mon-VM. After this start-up attestation, and as long as the node belongs to the overlay, the A-VM continuously checks the integrity of the Mon-VM to discover anomalies due to attacks. As soon as any check fails, the node is disconnected from the overlay. The security policy of the overlay defines the complexity and the execution frequency of the checks. The complexity ranges from integrity checks on the code of the application and of the OS to a detailed monitoring of the application behavior that exploits introspection. VIMS supports mutual trust because any node of an overlay can assess the integrity of any other node. The paper presents the architecture of VIMS, its application to P2P and VPN overlays and a preliminary evaluation of the corresponding overhead. Springer-Verlag 2010.

    Oh la laClose

    Your session has expired but don’t worry, your message
    has been saved.Please log in and we’ll bring you back
    to this page. You’ll just need to click “Send”.

    Your evaluation is of great value to our authors and readers. Many thanks for your time.

    Review Close

    Short review
    Select a comment
    Select a grade
    You and the author
    Anonymity My review is anonymous( Log in  or  Register )
    publish
    Close

    When you're done, click "publish"

    Only blue fields are mandatory.

    Relation to the author*
    Overall Comment*
    Anonymity* My review is anonymous( Log in  or  Register )
     

    Focus & Objectives*

    Have the objectives and the central topic been clearly introduced?

    Novelty & Originality*

    Do you consider this work to be an interesting contribution to knowledge?

    Arrangement, Transition and Logic

    Are the different sections of this work well arranged and distributed?

    Methodology & Results

    Is the author's methodology relevant to both the objectives and the results?

    Data Settings & Figures

    Were tables and figures appropriate and well conceived?

    References and bibliography

    Is this work well documented and has the bibliography been properly established?

    Writing

    Is this work well written, checked and edited?

    Write Your Review (you can paste text as well)
    Please be civil and constructive. Thank you.


    Grade (optional, N/A by default)

    N/A 1 1.5 2 2.5 3 3.5 4 4.5 5 5.5 6 6.5 7 7.5 8 8.5 9 9.5 10
    Close

    Your mailing list is currently empty.
    It will build up as you send messages
    and links to your peers.

     No one besides you has access to this list.
    Close
    Enter the e-mail addresses of your recipients in the box below.  Note: Peer Evaluation will NOT store these email addresses   log in
    Your recipients

    Your message:

    Your email : Your email address will not be stored or shared with others.

    Your message has been sent.

    Description

    Title : Semantic Attestation of Node Integrity in Overlays
    Author(s) : Fabrizio Baiardi, Daniele Sgandurra
    Abstract : Attestation of node integrity increases the security of overlay networks by detecting and removing nodes affected by malware. This is fundamental because in an overlay even a single node running some malware can greatly decrease the overlay security. Virtual Integrity Measurement System (VIMS) is a semantic attestation-based framework that determines whether a node can join an overlay according to both its configuration and its current behavior. VIMS fully exploits virtualization by running two virtual machines (VMs) on every overlay node: the Monitored VM (Mon-VM), which runs the overlay application, and the Assurance VM (A-VM), which checks the integrity of the Mon-VM. Before a node is allowed to join an overlay, some overlay nodes interact with the node A-VM to attest the integrity of the applications and of the OS of the node Mon-VM. After this start-up attestation, and as long as the node belongs to the overlay, the A-VM continuously checks the integrity of the Mon-VM to discover anomalies due to attacks. As soon as any check fails, the node is disconnected from the overlay. The security policy of the overlay defines the complexity and the execution frequency of the checks. The complexity ranges from integrity checks on the code of the application and of the OS to a detailed monitoring of the application behavior that exploits introspection. VIMS supports mutual trust because any node of an overlay can assess the integrity of any other node. The paper presents the architecture of VIMS, its application to P2P and VPN overlays and a preliminary evaluation of the corresponding overhead. Springer-Verlag 2010.
    Subject : unspecified
    Area : Other
    Language : English
    Year : 2010

    Affiliations Dipartimento di Informatica Università di Pisa
    Editors : Robert Meersman, Tharam Dillon, Pilar Herrero
    Journal : Lecture Notes in Computer Science including subseries Lecture No
    Volume : 6426
    Issue : PART 1
    Publisher : Springer Berlin Heidelberg
    City : Berlin, Heidelberg
    Pages : 656 - 671
    Url : http://www.springerlink.com/index/10.1007/978-3-642-16934-2_48
    Isbn : 978-3-642-16933-5
    Doi : 10.1007/978-3-642-16934-2_48

    Leave a comment

    This contribution has not been reviewed yet. review?

    You may receive the Trusted member label after :

    • Reviewing 10 uploads, whatever the media type.
    • Being trusted by 10 peers.
    • If you are blocked by 10 peers the "Trust label" will be suspended from your page. We encourage you to contact the administrator to contest the suspension.

    Does this seem fair to you? Please make your suggestions.

    Please select an affiliation to sign your evaluation:

    Cancel Evaluation Save

    Please select an affiliation:

    Cancel   Save

    fabrizio's Peer Evaluation activity

    fabrizio has...

    Trusted 0
    Reviewed 0
    Emailed 0
    Shared/re-used 0
    Discussed 0
    Invited 0
    Collected 0
    Invite this peer to...
    Title
    Start date (dd/mm/aaaa)
    Location
    URL
    Message
    send
    Close

    Full Text request

    Your request will be sent.

    Please enter your email address to be notified
    when this article becomes available

    Your email


     
    Your email address will not be shared or spammed.