IEEE Transactions on Cloud Computing

From the October-December 2014 issue

Multi-Aspect, Robust, and Memory Exclusive Guest OS Fingerprinting

By Yufei Gu, Yangchun Fu, Aravind Prakash, Zhiqiang Lin, and Heng Yin

Featured article thumbnail imagePrecise fingerprinting of an operating system (OS) is critical to many security and forensics applications in the cloud, such as virtual machine (VM) introspection, penetration testing, guest OS administration, kernel dump analysis, and memory forensics. The existing OS fingerprinting techniques primarily inspect network packets or CPU states, and they all fall short in precision and usability. As the physical memory of a VM always exists in all these applications, in this article, we present OS-Sommelier$^+$ , a multi-aspect, memory exclusive approach for precise and robust guest OS fingerprinting in the cloud. It works as follows: given a physical memory dump of a guest OS, OS-Sommelier$^+$ first uses a code hash based approach from kernel code aspect to determine the guest OS version. If code hash approach fails, OS-Sommelier$^+$ then uses a kernel data signature based approach from kernel data aspect to determine the version. We have implemented a prototype system, and tested it with a number of Linux kernels. Our evaluation results show that the code hash approach is faster but can only fingerprint the known kernels, and data signature approach complements the code signature approach and can fingerprint even unknown kernels.

download PDF View article (PDF)     csdl View issue (CSDL)      TCC Facebook Link  TCC on Facebook      TCC LinkedIn Group  TCC on Linkedin


NOTE: We seek submission of papers that present new, original and innovative ideas for the "first" time in TCC (Transactions on Cloud Computing). That means, submission of "extended versions" of already published works (e.g., conference/workshop papers) is not encouraged unless they contain significant number of "new and original" ideas/contributions along with more than 49% brand "new" material.


Editorials and Announcements

Announcements


Guest Editorials


Author Index



Call for Papers

Special Issue on Many-Task Computing in the Cloud

Submission deadline: March 13, 2015. View PDF.

The Special Issue on Many-Task Computing (MTC) in the Cloud will provide the scientific community a dedicated forum, within the prestigious IEEE Transactions on Cloud Computing journal, for presenting new research, development, and deployment efforts of loosely coupled large scale applications on Cloud Computing infrastructure. MTC, the theme of this special issue, encompasses loosely coupled applications, which are generally composed of many tasks to achieve some larger application goal. This special issue will cover challenges that can hamper efficiency and utilization in running applications on large-scale systems, such as local resource manager scalability and granularity, efficient utilization of raw hardware, parallel file-system contention and scalability, data management, I/O management, reliability at scale, and application scalability. We welcome paper submissions in theoretical, simulations, and systems topics with special consideration to papers addressing the intersection of petascale/exascale challenges with large-scale cloud computing. We seek submission of papers that present new, original and innovative ideas for the "first" time in TCC (Transactions on Cloud Computing). That means, submission of "extended versions" of already published works (e.g., conference/workshop papers) is not encouraged unless they contain significant number of "new and original" ideas/contributions along with more than 49% brand "new" material. For more information on this special issue, please see http://datasys.cs.iit.edu/events/TCC-MTC15/.

Special Issue on Cloud Security Engineering

Submission deadline: March 31, 2015. View PDF.

As the use of cloud computing grows throughout society in general, it is essential that cloud service providers and cloud service users ensure that security and privacy safeguards are in place. There is, however, no perfect security and when a cybersecurity incident occurs, digital investigation will require the identification, preservation and analysis of evidential data.

This special issue is dedicated to the identification of techniques that enable security mechanisms to be engineered and implemented in Cloud-based systems. A key focus will be on the integration of theoretical foundations with practical deployment of security strategies that make Cloud systems more secure for both end users and providers - enabling end users to increase the level of trust they have in Cloud providers - and conversely for Cloud service providers to provide greater guarantees to end users about the security of their services and data. Significant effort has been invested in performance engineering of Cloud-based systems, with a variety of research-based and commercial tools that enable autoscaling of Cloud systems, mechanisms for supporting Service Level Agreement-based provisioning and adaptation and more recently for supporting energy management of large scale data centres. This special issue will be devoted to understanding whether a similar engineering philosophy can be extended to support security mechanisms, and more importantly, whether experience from the performance engineering community (who often need to carry out analysis on large log files) can be carried over into the security domain.

We encourage authors to be exploratory in their papers - reporting on novel use of performance engineering tools that could be repurposed for supporting security management and vice versa.

Special Issue on Mobile Clouds

Submission deadline: May 1, 2015. View PDF.

Mobile cloud computing represents one of the latest developments in cloud computing advancement. In particular, mobile cloud computing extends cloud computing services to the mobile domain by enabling mobile applications to access external computing and storage resources available in the cloud. Not only mobile applications are no longer limited by the computing and data storage limitations within mobile devices, nevertheless adequate offloading of computation intensive processes also has the potential to prolong the battery life.

Besides, there is also an incentive for mobile devices to host foreign processes. This represents a new type of mobile cloud computing services. Ad-hoc mobile cloud is one instance that mobile users sharing common interest in a particular task such as image processing of a local happening can seek collaborative effort to share processing and outcomes. Vehicular cloud computing is another instance of mobile cloud computing that exploits local sensing data and processing of vehicles to enhance Intelligent Transportation Systems.

General Call for Papers

General call for papers. View PDF.


TCC is financially cosponsored by:

IEEE Computer SocietyIEEE Communications SocietyIEEE Power & Energy SocietyIEEE Consumer Electronics SocietyIEEE Systems Council

TCC is technically cosponsored by:

IEEE Signal Processing Society