Harnessing Virtualization Technology for Intrusion Detection and Analysis
Hans P. Reiser, University of Passau
Virtualization technology has been known for several decades and has become one of the core technologies of cloud infrastructures. Its main benefits include the ability to share resources efficiently and securely among multiple tenants, to run multiple operating systems, and to rapidly allocate, migrate and de-allocate virtual machines. Virtualization has also proven to be useful for building highly available, replicated systems.
In this talk, we explore a different dimension of virtualization technology: its ability to support the detection and analysis of intrusions. In the Bavarian FORSEC project, we investigate new approaches for enhancing security in large-scale distributed systems. The CloudIDEA architecture (Cloud Intrusion DEtection and Analysis) extends a cloud management platform with the ability to continuously monitor virtual machines using low-impact introspection techniques, automatically react to suspicious behaviour with system reconfigurations, and analyze (potentially) malicious actions in detail with more heavy-weight introspection approaches. Core building blocks of this architecture are LibVMTrace, a virtual machine tracing library that builds upon LibVMI, and CloudPhylactor, a secure architecture that enables running introspection applications in isolated domains in cloud environments. In future work, we plan to extend our work regarding forensic data acquisition and processing, visualization, and reporting of IT-security incidents.
Hans P. Reiser is a professor at the University of Passau, where he joined the Institute of IT Security and Security Law in 2011. He holds a PhD in the area of middleware for fault-tolerant systems from Ulm University. From 2007 he worked as an assistant professor at LaSIGE, University of Lisbon, and in 2010 he spent one semester at Carnegie Mellon University, Pittsburgh, USA, as a visiting professor. Hans P. Reiser’s research focus is on technical aspects of reliability and security in distributed systems, including algorithms and architectures for intrusion-tolerant systems, adaptability and self-optimization of group communication systems, concepts for secure and reliable cloud computing, and methods for incident investigation in cloud environments.
Date: 2016-Mar-17 Time: 12:00:00 Room: 020
Workshop “Metabolism and mathematical models: Two for a tango” – 2nd Edition
Title: Workshop Metabolism and mathematical models: Two for a tango – 2nd Edition
Dates: October 25-26, 2022
Location: This workshop will be held virtually
The topic of this workshop is metabolism in general, with a special focus, although not exclusive, on parasitology. Besides an exploration of the biological, biochemical and biomedical aspects, the workshop will also aim at presenting some of the mathematical modelling, algorithmic theory and software development that have become crucial to explore such aspects.
This workshop is being organised in the context of two projects, both with the Inria European Team Erable. One of the projects involves a partnership with the University of São Paulo (USP), in São Paulo, Brazil, more specifically the Institute of Mathematics and Statistics (IME) and the Institute of Biomedical Sciences – Inria Associated Team Capoeira – and the other involves the Inesc-ID/IST in Portugal, ETH in Zürich and EMBL in Heidelberg – H2020 Twinning Project Olissipo.
The workshop is open to all members of these two projects but also, importantly, to the community in general.
The program and more details are available here.