| NSF Org: |
CNS Division Of Computer and Network Systems |
| Recipient: |
|
| Initial Amendment Date: | May 11, 2015 |
| Latest Amendment Date: | August 22, 2017 |
| Award Number: | 1453011 |
| Award Instrument: | Continuing Grant |
| Program Manager: |
Sol Greenspan
sgreensp@nsf.gov (703)292-7841 CNS Division Of Computer and Network Systems CSE Directorate for Computer and Information Science and Engineering |
| Start Date: | September 1, 2015 |
| End Date: | May 31, 2018 (Estimated) |
| Total Intended Award Amount: | $535,054.00 |
| Total Awarded Amount to Date: | $327,172.00 |
| Funds Obligated to Date: |
FY 2016 = $0.00 FY 2017 = $0.00 |
| History of Investigator: |
|
| Recipient Sponsored Research Office: |
800 WEST CAMPBELL RD. RICHARDSON TX US 75080-3021 (972)883-2313 |
| Sponsor Congressional District: |
|
| Primary Place of Performance: |
800 W Campbell RD Richardson TX US 75080-3021 |
| Primary Place of
Performance Congressional District: |
|
| Unique Entity Identifier (UEI): |
|
| Parent UEI: |
|
| NSF Program(s): |
Special Projects - CNS, Secure &Trustworthy Cyberspace |
| Primary Program Source: |
01001617DB NSF RESEARCH & RELATED ACTIVIT 01001718DB NSF RESEARCH & RELATED ACTIVIT 01001819DB NSF RESEARCH & RELATED ACTIVIT 01001920DB NSF RESEARCH & RELATED ACTIVIT |
| Program Reference Code(s): |
|
| Program Element Code(s): |
|
| Award Agency Code: | 4900 |
| Fund Agency Code: | 4900 |
| Assistance Listing Number(s): | 47.070 |
ABSTRACT
Virtual Machine Monitors (VMMs) and hypervisors have become a foundational technology for system developers to achieve increased levels of security, reliability, and manageability for large-scale computing systems such as cloud computing. However, when developing software at the VMM layer, developers often need to interpret the very low level hardware layer state and reconstruct the semantic meanings of the guest operating system events due to the lack of operating system level abstractions. This semantic gap problem has been a road block for a decade for many VMM level applications such as virtual machine introspection (VMI), malware analysis, and virtual machine management.
This research seeks to design and develop new approaches, practical techniques, and efficient implementations to automatically bridge the semantic gap for VMM layer programs including VMI. In particular, a dual-VM, binary code reuse based framework is formulated and applied to automatically bridge the semantic gap. Such a framework directly enables a large set of legacy utility software to automatically become VMI software. Meanwhile, the research includes developing a set of practical enabling techniques such as memory exclusive kernel version inference, and integrates these techniques with efficient implementations from binary rewriting. The results of this research are to significantly increase the productivity of virtualization software development as well as the security of virtualization software, and also open new opportunities for automated system administration, intrusion detection, and incident response.
PUBLICATIONS PRODUCED AS A RESULT OF THIS RESEARCH
Note:
When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external
site maintained by the publisher. Some full text articles may not yet be available without a
charge during the embargo (administrative interval).
Some links on this page may take you to non-federal websites. Their policies may differ from
this site.
Please report errors in award information by writing to: awardsearch@nsf.gov.
