Virtualization Privacy and Security Projects

Some of our projects investigate virtualization technology for application privacy and security.

• Privacy-preserving Virtual Machines: This project investigates ways to cleanly isolate, track, and process/exclude the footprint of confidential applications.
• Multi-hypervisor Virtual Machines: This project investigates ways to run hypervisor-level services in the cloud, including security services such as VM Introspection, checkpointing, and network monitoring.
• Encryption overhead on live VM migration: This project investigates the overhead of various encryption mechanisms on live migration of virtual machines and ways to reduce this overhead.

Publications

1. Tianlin Li, Yaohui Hu, Ping Yang, Kartik Gopalan, Privacy-preserving Virtual Machines, 31th Annual Computer Security Applications Conference (ACSAC), 2015, Los Angeles, CA. [paper] [bibtex]
2. Yaohui Hu, Sanket Panhale, Tianlin Li, Emine Ugur Kaynar, Danny Chan, Umesh Deshpande, Ping Yang, Kartik Gopalan, Performance Analysis of Encryption in Securing the Live Migration of Virtual Machines, In IEEE Cloud 2015 (Application Track), [pdf] [bibtex]
3. Mikhail Gofman, Ruiqi Luo, Chad Wyszynski, Yaohui Hu, Ping Yang, and Kartik Gopalan, Privacy-preserving Virtual Machine Checkpointing Mechanism, In Special Issue on Information Assurance and System Security in Cloud Computing, Journal of Cloud Computing, 3(3), pages 245--266, 2014. [pdf] [bibtex]
4. Yaohui Hu, Siddhesh Phadke, Kartik Gopalan, Michael Hines, "Multi-Hypervisor Nested Virtual Machines", Usenix Annual Technical Conference, Poster Session, Philadelpha, PA, USA. [pdf] [bibtex]
5. Yaohui Hu, Tianlin Li, Ping Yang, and Kartik Gopalan, An Application-Level Approach for Privacy-preserving Virtual Machine Checkpointing, In the 6th IEEE International Conference on Cloud Computing, research track, 2013. [pdf] [bibtex]
6. Mikhail Gofman, Ruiqi Luo, Ping Yang, and Kartik Gopalan, SPARC: A Security and Privacy Aware Virtual Machine Checkpointing Mechanism, Proc. of the 10th annual ACM Workshop on Privacy in the Electronic Society (WPES), In conjunction with the ACM Conference on Computer and Communications Security (CCS), full paper, Chicago, IL, 2011. [pdf] [bibtex]