Harnessing Virtualization Technology for Intrusion Detection and Analysis

Hans P. Reiser,
University of Passau –
Abstract:
Virtualization technology has been know for several decades, and has become one of the core technologies of cloud infrastructures. Main benefits include the possibility to efficiently share resources securely among multiple tenants, running multiple operating systems, and including the ability to rapidly allocate, migrate and de-allocate virtual machines. Virtualization has also proven to be useful for building highly available, replicated systems.
In this talk, we explore a different dimension of virtualization technology: its ability to support the detection and analysis of intrusions. In the Bavarian FORSEC project, we investigate new approaches for enhancing security in large-scale distributed system. The CloudIDEA architecture (Cloud Intrusion DEtection and Analysis) extends a cloud management platform with the ability to continuously monitor virtual machines using low-impact introspection techniques, automatically react to suspicious behaviour with system reconfigurations, and analyze in detail (potentially) malicious actions with more heavy-weight introspection approaches. Core building blocks of this architecture are LibVMTrace, a virtual machine tracing library that builds upon LibVMI, and CloudPhylactor, a secure architecture that enables running introspection applications in isolated domains in cloud environments. In future work, we plan to extend our work regarding forensic data acquisition and processing, visualization, and reporting of IT-security incidents.
Bio
Hans P. Reiser is professor at University of Passau, where he joined the Institute of IT Security and Security Law in 2011. He holds a PhD in the area of middleware for fault-tolerant systems from Ulm University. Since 2007 he worked as an assistant professor at LaSIGE, University of Lisbon, and in 2010 he spent one semester at the Carnegie Mellon University, Pittsburgh, USA as a visiting professor. Hans P. Reiser’s research focus is on technical aspects of reliability and security in distributed systems, including algorithms and architectures for intrusion tolerant systems, adaptability and self-optimization of group communication systems, concepts for secure and reliable cloud computing, and methods for incident investigation in cloud environments.
Date: 2016-Mar-17 Time: 12:00:00 Room: 020
For more information:
Upcoming Events
INESC Brussels HUB Winter Meeting 2023

This edition of the HUB Winter Meeting will be co-organised with Science Business and will take place on the 30 and 31 January, in Lisbon, at Instituto Superior Técnico, Department of Computer Science and Engineering.
Please see below a summary of the agenda, this will be updated on the INESC Brussels HUB website regularly (confirmed speakers and other relevant info). Places for onsite participation are limited so registration is mandatory. Online participants will be sent a ZOOM link for each specific session on the 27th January.
INESC Brussels HUB website: https://hub.inesc.pt/
Monday, 30 January
a) Digital Europe Programme & Chips Act: state of play and possibilities for INESC.
9h to 10h30 GMT
(Exclusive for INESC researchers and administrators).
b) Science Business: how can INESC tap into Science Business network, activities and communications tools.
(Exclusive for INESC researchers and administrators).
c) Networking Lunch (for all onsite participants).
d) Roundtable: From rhetoric to reality – Embedding international strategy in the DNA of research organisations.
(Closed-door, roundtable workshop, Chatham House rules, open to INESC researchers and administrators, external participants by invitation only).
e) Networking Dinner
(By invitation only – INESC researchers participating onsite in the event are elegible to join).
Tuesday, 31 January
f) Workshop: How they did it? Strategic positioning for structural success in Horizon Europe: a discussion of best practices.
(Exclusive for INESC researchers, administrators and international invited speakers).
g) The public consultation on European R&I Programmes: Towards FP10.
(Closed-door, roundtable workshop, Chatham House rules, open to INESC researchers and administrators, external participants by invitation only).
h) Networking Lunch (for all onsite participants).
i) Management Committee meeting (Directors and POB members)
The HUB Winter Meeting aims at bringing together researchers and administrators from the 5 INESC institutes, affiliated higher education institutions in Portugal and abroad, with key European and global players, to:
– Discuss key research and innovation issues at EU level.
– Inform institutional policy and strategy.
– Exchange best-practices about R&I management, career development and policy positioning.
– Promote, discuss and deliver vision, visibility, networking and impactful communication.
– Create, identify and deepen partnerships and collaboration opportunities for collaborative R&I.
INESC-ID ESR Talks – February 2023

If you are a masters/PhD student or a postdoctoral fellow, come and present your work in an informal and friendly environment – and savour some tasty snacks!
Individual talks will be 10-15 minutes plus time for feedback. Enroll on your selected date by emailing pedro.ferreira[at]inesc-id.pt.
Happening on the second Wednesday of every month (4pm-5pm):
- 11 January (Alves Redol, Room 9)
- 15 February (Alves Redol, Room 9)
- 15 March (Alves Redol, Room 9)
- 12 April (Alves Redol, Room 9)
- 10 May (Alves Redol, Room 9)
- 14 June (Alves Redol, Room 9)
- 12 July (Alves Redol, Room 9)
We hope to see you there!