A central and secured logging data solution for Xen virtual machine

Nguyen Anh Quynh, Yoshiyasu Takefuji

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

6 Citations (Scopus)

Abstract

Logging data is valuable and important information for revealing an attacker's activities and for recovering a broken system. Unfortunately, once an attacker successfully penetrates a protected system, he never fails to either modify the logging data or, even worse, delete it to cover his traces. To avoid such a disaster, it is best to keep logging data on another machine by forwarding it to a central logging server. However, this approach has a flaw: while in transit on the network, the data could be illegally sniffed, or the traffic might be secretly redirected to a malicious machine. This paper proposes a novel method named Xenlog to secure logging data for systems running on the Xen virtual machine: the solution does not use the network stack to send data. Experiments and the resulting tool prove that this approach is more secure than the traditional solution, while the logging process is far more effective (nearly 21 times faster) and more reliable.

Original language: English
Title of host publication: Proceedings of the IASTED International Conference on Parallel and Distributed Computing and Networks, as part of the 24th IASTED International Multi-Conference on APPLIED INFORMATICS
Pages: 218-224
Number of pages: 7
Volume: 2006
Publication status: Published - 2006
Event: IASTED International Conference on Parallel and Distributed Computing and Networks, as part of the 24th IASTED International Multi-Conference on APPLIED INFORMATICS - Innsbruck, Austria
Duration: 2006 Feb 14 → 2006 Feb 16

Other

Other: IASTED International Conference on Parallel and Distributed Computing and Networks, as part of the 24th IASTED International Multi-Conference on APPLIED INFORMATICS
Country: Austria
City: Innsbruck
Period: 06/2/14 → 06/2/16

Fingerprint

Disasters
Servers
Defects
Virtual machine

Keywords

  • Central logging
  • Linux
  • Secured logging
  • Xen virtual machine

ASJC Scopus subject areas

  • Engineering(all)

Cite this

Quynh, N. A., & Takefuji, Y. (2006). A central and secured logging data solution for Xen virtual machine. In Proceedings of the IASTED International Conference on Parallel and Distributed Computing and Networks, as part of the 24th IASTED International Multi-Conference on APPLIED INFORMATICS (Vol. 2006, pp. 218-224)

@inproceedings{21a3e4f033124247b3561f5cfa0d4267,
title = "A central and secured logging data solution for Xen virtual machine",
keywords = "Central logging, Linux, Secured logging, Xen virtual machine",
author = "Quynh, {Nguyen Anh} and Yoshiyasu Takefuji",
year = "2006",
language = "English",
isbn = "0889865701",
volume = "2006",
pages = "218--224",
booktitle = "Proceedings of the IASTED International Conference on Parallel and Distributed Computing and Networks, as part of the 24th IASTED International Multi-Conference on APPLIED INFORMATICS",

}

TY - GEN

T1 - A central and secured logging data solution for Xen virtual machine

AU - Quynh, Nguyen Anh

AU - Takefuji, Yoshiyasu

PY - 2006

Y1 - 2006

KW - Central logging

KW - Linux

KW - Secured logging

KW - Xen virtual machine

UR - http://www.scopus.com/inward/record.url?scp=34047143797&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=34047143797&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:34047143797

SN - 0889865701

SN - 9780889865709

VL - 2006

SP - 218

EP - 224

BT - Proceedings of the IASTED International Conference on Parallel and Distributed Computing and Networks, as part of the 24th IASTED International Multi-Conference on APPLIED INFORMATICS

ER -