RAPID RECOVERY SYSTEM

Todd Deshane
Clarkson University

SCENARIO

John is a typical desktop computer user that uses his computer to communicate with friends on IM and email, and surf the web.

"Ooooh! I got some pics from my buddy Joe :)"

Without the Rapid Recovery System

John didn't know that the pics were actually a trojan, and now his computer is part of a botnet that is sharing all of his personal information to the world.

010010000100000101000011010010110100010101000100
Credit Card Numbers, Email Contacts, Passwords

Not only is John's information being taken, but his computer resources are being used to spread this trojan and other viruses to other vulnerable computers on the Internet.

John notices that his computer is running slower than usual. He is told that he should wipe his computer and re-install. He will need to find his operating system and application install CDs.

A few hours later, John has re-installed his operating system and all of his applications that he uses. He forgot to back up some digital photos that he took of his daughter's play. Ooops! But at least his computer is working again, right?

With the Rapid Recovery System

John tries to load the pictures in his photo VM, but the action is denied, since the "pics" are actually executables. An error message is displayed to John.

John really wants to see the pics, so he ignores the error and copies the "pics" to his Internet VM and clicks on them. The executable runs and it instantly tries to run its built-in IRC server and starts scanning for personal data.

Either of these actions causes the Internet VM to be reset. The built-in firewall of the Rapid Recovery System does not allow the Internet VM to create a server. An error message appears when the Internet restarts. John finds out that these were not pics.

SYSTEM ARCHITECTURE

Domain 0 (dom0) is the privileged VM in Xen. It manages VM resources and also the starting, stopping, and restarting of VMs.

Virtual Machine Appliances (VMAs) are one or more applications logically grouped into Virtual Machines. VMAs specify the network resources and files that they need to access, the permissions on them, and the rate at which they expect to use them.

The File System Virtual Machine (FS-VM) stores and protects the user's data. Access to the files is limited to only those specific VMAs that need it. Backing up the FS-VM backs up all of the user's important data at one time.

The Network Virtual Machine (NET-VM) is given direct and exclusive access to the network interface card (NIC). The NET-VM has a built-in firewall and intrusion detection system. It monitors and enforces the network resources that the VMAs use.

THE MINEFIELD OF PERSONAL COMPUTER USE

The seemingly innocent things you can do to render your PC unusable

Scenario: Open an attachment containing a mass emailing virus

Without the Rapid Recovery System
- Notice a slowdown of the machine, unsure of cause.
- Reboot machine, still slow.
- Look in process list, attempt to kill suspicious process, regenerates itself.
- Call tech support, make an appointment to take the computer into the shop.
- 3 weeks later get the machine back with the OS re-installed.
- Newest backup is 1 month old, some recent reports and pictures lost.

With the Rapid Recovery System
- The attachment is written into the email log.
- The NET-VM flags a violation of the network contract and pauses the VM.
- The system asks the user if they want to roll back to the last known good image.
- Rollback and remount personal data store.
- Some system data (logs, etc.) in VM appliance is lost, but no personal data is lost.
- The machine is back in working order in less than 1 hour.

Scenario: Surf to the wrong web site

Without the Rapid Recovery System
- A malicious program begins to read over the hard drive for credit card numbers.
- The user does not notice any signs of trouble.
- The program sends out a small amount of data containing the information discovered.
- The program installs a backdoor for later use by the attacker.

With the Rapid Recovery System
- A malicious program begins to read over the hard drive for credit card numbers.
- The FS-VM triggers a violation of the data access contract and pauses the VM.
- The system asks the user if they want to roll back to the last known good image.
- Rollback and remount personal data store.
- The scan is not completed, the information is not sent, the backdoor is prevented.

Scenario: Install a required software update

Without the Rapid Recovery System
- After the update, several applications cannot find some required components.
- The user calls tech support and they confirm the problems with this patch.
- The best recommendation is to completely uninstall and re-install the applications.
- It takes a few hours to assemble the installation media, to find the product keys, and to follow the instructions.

With the Rapid Recovery System
- After the update, several applications cannot find some required components.
- The user calls tech support and they confirm the problems with this patch.
- The user decides to roll back to the last known good image.
- The machine is back up and running in minutes.

[Figure: SYSTEM PERFORMANCE]
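
The contract enforcement described under SYSTEM ARCHITECTURE and in the scenarios, modelled as an added Python example (not the Rapid Recovery System's own code). The contract fields, the 60-second rate window, and the port numbers and paths in the sample events are assumptions made for illustration.

```python
import posixpath
from collections import deque
from dataclasses import dataclass, field

WINDOW = 60.0  # seconds over which a rate is measured (assumed value)


@dataclass
class Contract:
    """Hypothetical contract format: resources, permissions and rates."""
    connect_ports: frozenset  # remote TCP ports the VMA may connect to
    may_listen: bool          # may the VMA run a server?
    max_connects: int         # outbound connections allowed per WINDOW
    file_perms: dict          # path prefix -> "r" or "rw"
    max_file_ops: int         # file operations allowed per WINDOW


@dataclass
class VMA:
    name: str
    contract: Contract
    state: str = "running"
    violations: list = field(default_factory=list)
    recent_connects: deque = field(default_factory=deque)
    recent_file_ops: deque = field(default_factory=deque)


def _pause(vma, reason):
    """Record the violation and pause the VMA until the user decides."""
    vma.violations.append(reason)
    vma.state = "paused"
    return False


def _over_rate(times, now, limit):
    """Sliding window: True once more than `limit` events fall within WINDOW."""
    times.append(now)
    while times and now - times[0] >= WINDOW:
        times.popleft()
    return len(times) > limit


def net_vm_check(vma, now, action, port):
    """NET-VM side: enforce the network part of the contract."""
    if vma.state != "running":
        return False  # a paused VMA gets no network access at all
    c = vma.contract
    if action == "listen":
        return True if c.may_listen else _pause(vma, f"server on port {port} not in contract")
    if port not in c.connect_ports:
        return _pause(vma, f"connect to port {port} not in contract")
    if _over_rate(vma.recent_connects, now, c.max_connects):
        return _pause(vma, "connection rate above contract")
    return True


def fs_vm_check(vma, now, path, mode):
    """FS-VM side: enforce the data access part of the contract."""
    if vma.state != "running":
        return False
    c = vma.contract
    path = posixpath.normpath(path)  # collapse "../" before matching prefixes
    granted = next((p for pre, p in c.file_perms.items() if path.startswith(pre)), None)
    if granted is None or (mode == "w" and granted != "rw"):
        return _pause(vma, f"{mode} access to {path} not in contract")
    if _over_rate(vma.recent_file_ops, now, c.max_file_ops):
        return _pause(vma, "file access rate above contract")
    return True


def rollback(vma):
    """Model a rollback to the last known good image.

    Only VMA-local state is reset; user data lives in the FS-VM and is untouched.
    """
    vma.recent_connects.clear()
    vma.recent_file_ops.clear()
    vma.state = "running"


def demo():
    """Constructed events modelled on the poster's scenarios."""
    # Mass-mailing attachment: 20 SMTP connections in 20 seconds, contract allows 5.
    mail = VMA("mail", Contract(frozenset({25, 143}), False, 5, {"/mail/": "rw"}, 100))
    sent = [net_vm_check(mail, float(t), "connect", 25) for t in range(20)]

    # Fake "pics" in the Internet VM: start a server, then scan personal data.
    web = VMA("internet", Contract(frozenset({80, 443}), False, 60, {"/downloads/": "rw"}, 3))
    server = net_vm_check(web, 0.0, "listen", 6667)
    rollback(web)
    scan = [fs_vm_check(web, 1.0, f"/downloads/../finance/{i}.txt", "r") for i in range(3)]
    return mail, sent, web, server, scan


if __name__ == "__main__":
    mail, sent, web, server, scan = demo()
    print(mail.state, mail.violations)
    print(web.state, web.violations)
```

Once a VMA is paused every further request is refused until `rollback` runs, which is why the scan in the second scenario never completes.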

Csaw research poster_20071204
