research-article

SPLM: Security Protection of Live Virtual Machine Migration in Cloud Computing

Authors:

Weiqing HuangAuthors Info & Claims

SCC '16: Proceedings of the 4th ACM International Workshop on Security in Cloud Computing

Pages 2 - 9

https://doi.org/10.1145/2898445.2898446

Published: 30 May 2016 Publication History

Abstract

Virtual machine live migration technology, as an important support for cloud computing, has become a central issue in recent years. The virtual machines' runtime environment is migrated from the original physical server to another physical server, maintaining the virtual machines running at the same time. Therefore, it can make load balancing among servers and ensure the quality of service. However, virtual machine migration security issue cannot be ignored due to the immature development of it. This paper we analyze the security threats of the virtual machine migration, and compare the current proposed protection measures. While, these methods either rely on hardware, or lack adequate security and expansibility. In the end, we propose a security model of live virtual machine migration based on security policy transfer and encryption, named as SPLM (Security Protection of Live Migration) and analyze its security and reliability, which proves that SPLM is better than others. This paper can be useful for the researchers to work on this field. The security study of live virtual machine migration in this paper provides a certain reference for the research of virtualization security, and is of great significance.

References

[1]

M. Alhashmi and R.U. Creative. A View of Cloud Computing. International Journal of Computers & Technology, 53(4):50--58, 2013.

Digital Library

[2]

R. J. Adair. A virtual machine system for the 360/40. International Business Machines Corporation, Cambridge Scientific Center, 1966.

[3]

L. Qian, Z. Luo, Y. Du and L Guo. Cloud computing: an overview. Cloud Computing, Springer Berlin Heidelberg, 626--631, 2009.

Digital Library

[4]

K. Adams and O. Agesen. A comparison of software and hardware techniques for x86 virtualization. ACM Sigplan Notices, 41(11): 2--13, 2006.

Digital Library

[5]

A. V. Cleeff, W. Pieters and R. Wieringa. Security implications of virtualization: A literature study. In Proceedings of the 2009 International Conference on Computational Science and Engineering, pages 353--358, 2009.

Digital Library

[6]

D. G. Feng, M. Zhang, Y. Zhang and X. Zhen. Study on cloud computing security. Journal of software, 22(1): 71--83, 2011.

[7]

C. Clark, K. Fraser, S. Hand, J. G. Hansen and E. Jul. Live migration of virtual machines. In Proceedings of the 2nd conference on Symposium on Networked Systems Design & Implementation, Volume 2 of USENIX Association, pages 273--286, May 2005.

Digital Library

[8]

M. Nelson, B. H. Lim and G. Hutchins. Fast Transparent Migration for Virtual Machines. In USENIX Annual Technical Conference, General Track, pages 391--394, 2005.

Digital Library

[9]

J. Oberheide, E. Cooke and F. Jahanian. Empirical exploitation of live virtual machine migration. In Proceedings of BlackHat DC convention, 2008.

[10]

P. Barham, B. Dragovic, K. Fraser, S. Hand and A. Warfield. Xen and the art of virtualization. ACM SIGOPS Operating Systems Review, 37(5): 164--177, 2003.

Digital Library

[11]

A. Kivity, Y. Kamay, D. Laor and U. Lublin. kvm: the Linux virtual machine monitor. In Proceedings of the Linux Symposium, volume 1, pages 225--230, 2007.

[12]

C. A. Waldspurger. Memory resource management in VMware ESX server. ACM SIGOPS Operating Systems Review, 36(SI): 181--194, 2002.

Digital Library

[13]

M. Aslam, C. Gehrmann and M. Björkman. Security and trust preserving vm migrations in public clouds. In Proceedings of the 11th International Conference on Trust, Security and Privacy in Computing and Communications (Trust Com), pages 869--876, 2012.

Digital Library

[14]

F. Zhang, Y. Huang, H. Wang, H. Chen and B. Zang. PALM: security preserving VM live migration for systems with VMM-enforced protection. In Proceedings of the 3rd Asia-Pacific Trusted Infrastructure Technologies Conference (APTC), pages 9--18, 2008.

Digital Library

[15]

M. R. Hines and K. Gopalan. Post-copy based live virtual machine migration using adaptive pre-paging and dynamic self-ballooning. In Proceedings of the 2009 ACM SIGPLAN/SIGOPS international conference on Virtual execution environments, pages 51--60, 2009.

Digital Library

[16]

W. Fan, W. Huang, F. Jiang, C. Liu, B. Lv and R. Wang. Research on Security of Memory Leakage in Live Migration Based Vitualization. In Proceedings of 24th National Conference on Information Security, pages 12--17, 2014.

[17]

Y. Hu, S. Panhale, T. Li, E. Kaynar, D. Chan, U. Deshpande, P. Yang and K. Gopalan. Performance Analysis of Encryption in Securing the Live Migration of Virtual Machines. In Proceedings of the IEEE 8th International Conference on Cloud Computing, pages 613--620, 2015.

Digital Library

[18]

S. B. Rathod and V. K. Reddy. Secure Live VM Migration in Cloud Computing: A Survey. International Journal of Computer Applications, 103(2), 2014.

[19]

M. Aiash, G. Mapp and O. Gemikonakli. Secure live virtual machines migration: issues and solutions. In Proceedings of the 28th International Conference on Advanced Information Networking and Applications Workshops, pages 160--165, 2014.

Digital Library

[20]

Z. Wang Z and X. Jiang. Hypersafe: A lightweight approach to provide lifetime hypervisor control-flow integrity. In 2010 IEEE Symposium on Security and Privacy (SP), pages 380--395, 2010.

Digital Library

[21]

J. Shetty and A. MR. A survey on techniques of secure live migration of virtual machine. International Journal of Computer Applications, 39(12): 34--39, 2012.

[22]

X. Chen, X. Gao, H. Wan, S. Wang and X. Long. Application-Transparent Live Migration for virtual machine on network security enhanced hypervisor. China Communications, 2011, 8(3):32--42, 2011.

[23]

B. Sulaiman, N. Azman and H. Masuda. Evaluation of A Secure Live Migration of Virtual Machines Using IPsec Implementation. In Proceedings of the 3rd International Conference on Advanced Applied Informatics, pages 687--693, 2014.

[24]

W. Wang, Y. Zhang, B. Lin and K. Miao. Secured and reliable VM migration in personal cloud. In Proceedings of the 2nd International Conference on Computer Engineering and Technology, pages 705--709, 2010.

[25]

O. Levy, A. Kumar and P. Goel. Advanced Security Features of Intel vPro Technology. Intel Technology Journal, 12(4), 2008.

[26]

B. Danev B, R. J. Masti, G. O. Karame and S. Capkun. Enabling secure VM-vTPM migration in private clouds. In Proceedings of the 27th Annual Computer Security Applications Conference, ACM, pages 187--196, 2011.

Digital Library

[27]

W. Fan, C. Kong, Z. Zhang, T. Wang, J. Zhang and W. Huang. Security Protection Model on Live Migration for KVM Virtualization. Journal of Software, in press.

[28]

Trusted Computing Group, http://www.trustedcomputing group.org.

Cited By

Haris RBarhamgi MBadawy ANhlabatsi AKhan K(2025) Enhancing Security and Performance in Live VM Migration: A Machine Learning‐Driven Framework With Selective Encryption for Enhanced Security and Performance in Cloud Computing Environments Expert Systems10.1111/exsy.1382342:2Online publication date: 9-Jan-2025
https://doi.org/10.1111/exsy.13823
Mangalagowri RVenkataraman R(2023)Ensure secured data transmission during virtual machine migration over cloud computing environmentInternational Journal of System Assurance Engineering and Management10.1007/s13198-022-01834-8Online publication date: 6-Jan-2023
https://doi.org/10.1007/s13198-022-01834-8
Haris RKhan KNhlabatsi A(2022)Live migration of virtual machine memory content in networked systemsComputer Networks10.1016/j.comnet.2022.108898209(108898)Online publication date: May-2022
https://doi.org/10.1016/j.comnet.2022.108898
Show More Cited By

Index Terms

SPLM: Security Protection of Live Virtual Machine Migration in Cloud Computing
1. Security and privacy
  1. Systems security
    1. Operating systems security
      1. Virtualization and security

Recommendations

Enabling Instantaneous Relocation of Virtual Machines with a Lightweight VMM Extension
CCGRID '10: Proceedings of the 2010 10th IEEE/ACM International Conference on Cluster, Cloud and Grid Computing

We are developing an efficient resource management system with aggressive virtual machine (VM) relocation among physical nodes in a data center. Existing live migration technology, however, requires a long time to change the execution host of a VM, it ...
Performance Analysis for Pareto-Optimal Green Consolidation Based on Virtual Machines Live Migration

Huge energy requirement of cloud data centers is prime concern. Dynamic Virtual Machine VM consolidation based on VM live migration to switched-off or put some of the under-loaded host Physical Machines PMs into a low power consumption mode can ...
Transparently bridging semantic gap in CPU management for virtualized environments

Consolidated environments are progressively accommodating diverse and unpredictable workloads in conjunction with virtual desktop infrastructure and cloud computing. Unpredictable workloads, however, aggravate the semantic gap between the virtual ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

SCC '16: Proceedings of the 4th ACM International Workshop on Security in Cloud Computing

May 2016

98 pages

ISBN:9781450342858

DOI:10.1145/2898445

Program Chairs:
Sheng Zhong
Nanjing University, China
,
Anna Squicciarini
The Pennsylvania State University, US

Copyright © 2016 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 30 May 2016

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

National Natural Science Foundation of China

Conference

ASIA CCS '16

Sponsor:

SIGSAC

ASIA CCS '16: ACM Asia Conference on Computer and Communications Security

May 30, 2016

Xi'an, China

Acceptance Rates

SCC '16 Paper Acceptance Rate 12 of 31 submissions, 39%;

Overall Acceptance Rate 64 of 159 submissions, 40%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

9
Total Citations
View Citations
420
Total Downloads

Downloads (Last 12 months)19
Downloads (Last 6 weeks)4

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Haris RBarhamgi MBadawy ANhlabatsi AKhan K(2025) Enhancing Security and Performance in Live VM Migration: A Machine Learning‐Driven Framework With Selective Encryption for Enhanced Security and Performance in Cloud Computing Environments Expert Systems10.1111/exsy.1382342:2Online publication date: 9-Jan-2025
https://doi.org/10.1111/exsy.13823
Mangalagowri RVenkataraman R(2023)Ensure secured data transmission during virtual machine migration over cloud computing environmentInternational Journal of System Assurance Engineering and Management10.1007/s13198-022-01834-8Online publication date: 6-Jan-2023
https://doi.org/10.1007/s13198-022-01834-8
Haris RKhan KNhlabatsi A(2022)Live migration of virtual machine memory content in networked systemsComputer Networks10.1016/j.comnet.2022.108898209(108898)Online publication date: May-2022
https://doi.org/10.1016/j.comnet.2022.108898
Jaber A(2022)Model for Preventing DDoS Attacks Using a HypervisorAdvances on P2P, Parallel, Grid, Cloud and Internet Computing10.1007/978-3-031-19945-5_7(62-85)Online publication date: 18-Oct-2022
https://doi.org/10.1007/978-3-031-19945-5_7
Ranaweera PJurcut ALiyanage M(2021)Survey on Multi-Access Edge Computing Security and PrivacyIEEE Communications Surveys & Tutorials10.1109/COMST.2021.306254623:2(1078-1124)Online publication date: Oct-2022
https://doi.org/10.1109/COMST.2021.3062546
Le DKumar RNguyen GChatterjee J(2018)Live Migration Security in CloudCloud Computing and Virtualization10.1002/9781119488149.ch4(53-73)Online publication date: 25-Mar-2018
https://doi.org/10.1002/9781119488149.ch4
Qiu ZGuo ZSun YLiu YWang Y(2017)POUX: Performance Optimization Strategy for Cloud Platforms Based on User Experience2017 3rd International Conference on Big Data Computing and Communications (BIGCOM)10.1109/BIGCOM.2017.60(200-207)Online publication date: Aug-2017
https://doi.org/10.1109/BIGCOM.2017.60
Jaber AZolkipli MShakir HJassim M(2017)Host Based Intrusion Detection and Prevention Model Against DDoS Attack in Cloud ComputingAdvances on P2P, Parallel, Grid, Cloud and Internet Computing10.1007/978-3-319-69835-9_23(241-252)Online publication date: 3-Nov-2017
https://doi.org/10.1007/978-3-319-69835-9_23
Fan WZhang ZWang THu BQing SSun D(2016)Research on Security Algorithm of Virtual Machine Live Migration for KVM Virtualization SystemInformation and Communications Security10.1007/978-3-319-50011-9_5(54-70)Online publication date: 25-Nov-2016
https://doi.org/10.1007/978-3-319-50011-9_5

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten