Securing Cloud Virtual Machine Image using Ethereum Blockchain

Virtual Machine Image (VMI) is the building block of cloud infrastructure. It encapsulates the various applications and data deployed at the Cloud Service Provider (CSP) end. With the leading advances of cloud computing, comes the added concern of its security. Securing the Cloud infrastructure as a whole is based on the security of the underlying Virtual Machine Images (VMI). In this paper an attempt has been made to highlight the various risks faced by the CSP and Cloud Service Consumer (CSC) in the context of VMI related operations. Later, in this article a formal model of the cloud infrastructure has been proposed. Finally, the Ethereum blockchain has been incorporated to secure, track and manage all the vital operations of the VMIs. The immutable and decentralized nature of blockchain not only makes the proposed scheme more reliable but guarantees auditability of the system by maintaining the entire VMI history in the blockchain.

Toward Virtual Machine Image Management for Persistent Memory

Persistent memory’s (PM) byte-addressability and high capacity will also make it emerging for virtualized environment. Modern virtual machine monitors virtualize PM using either I/O virtualization or memory virtualization. However, I/O virtualization will sacrifice PM’s byte-addressability, and memory virtualization does not get the chance of PM image management. In this article, we enhance QEMU’s memory virtualization mechanism. The enhanced system can achieve both PM’s byte-addressability inside virtual machines and PM image management outside the virtual machines. We also design pcow , a virtual machine image format for PM, which is compatible with our enhanced memory virtualization and supports storage virtualization features including thin-provisioning, base image, snapshot, and striping. Address translation is performed with the help of the Extended Page Table, thus much faster than image formats implemented in I/O virtualization. We also optimize pcow considering PM’s characteristics. We perform exhaustive performance evaluations on an x86 server equipping with Intel’s Optane DC persistent memory. The evaluation demonstrates that our scheme boosts the overall performance by up to 50× compared with qcow2, an image format implemented in I/O virtualization, and brings almost no performance overhead compared with the native memory virtualization. The striping feature can also scale-out the virtual PM’s bandwidth performance.

Develop security scripts to create vulnerable virtual machines and learn penetration testing techniques

The article demonstrates the concept of building a laboratory for penetration testing using a special pro-gram. The program is a set of scripts that configure the system in accordance with a user-defined script. Thanks to the elements of script randomization, this solution allows you to deploy several educational tasks at once to a group of students using only one virtual machine image. The basic idea is that the set-up and creation of a vulnerable target occurs just before the execution of the learning task itself. Those, the virtual machine is initially a basic Ubuntu Linux image that does not have any set of vulnerabilities. The main feature of the proposed solution is that the content of the scripts describes not one variant of the system configuration, but several at once, forming scripts with elements of randomization. In other words, having a basic Ubuntu Linux image and a set of the scripts, you can create different tasks for a dozen students.

VIRTUAL MACHINE FORENSIC ANALYSIS & RECOVERY (VMFAR) SEBAGAI FRAMEWORK UNTUK ANALISIS BUKTI DIGITAL PADA VIRTUAL MACHINE

Virtual Machine merupakan teknologi virtualisasi yang paling banyak digunakan saat ini untuk mempermudah pekerjaan dan menghemat sumber daya perangkat keras. Selain untuk penggunaan standar, virtual machine ini juga banyak digunakan sebagai alat untuk melakukan penelitian terhadap malware, instalasi jaringan dan lainnya. Meningkatnya penggunaan teknologi virtualisasi ini menjadi tantangan baru bagi ahli digital forensik untuk melakukan penelitian lebih lanjut terkait pemulihan barang bukti virtual machine image yang terhapus. Karena VM ini juga banyak digunakan oleh pelaku cybercrime untuk melakukan tindak kriminal pada dunia maya kemudian menghapus jejak digital dengan men-destroy virtual machine image yang telah digunakan tersebut atau mengembalikannya ke snapshot, teknik ini dikenal dengan anti-forensik. Banyak penelitian sebelumnya yang membahas tentang VM forensic ini, seperti pada dump memory VM dan snapshot. Tetapi belum ada yang membahas proses model atau alur yang digunakan untuk melakukan analisis terhadap sebuah barang bukti digital berupa virtual machine. Penelitian ini berusaha untuk mencoba dan mengidentifikasi Virtual Machine Forensic Analysis & Recovery (VMFAR) yang penulis rancang sebagai framework untuk melakukan analisis terhadap bukti digital. Kata Kunci : Mesin Virtual, Forensics Recovery, Cybercrime, Anti Forensik