ASSERT Virtual Machine Introspection Research

The ASSERT Center is currently investigating the capabilities and limitations of Virtual Machine Introspection (VMI).

  • Brian Hay produced and continues to develop a VMI toolkit for Xen, called Virtual Introspection for Xen (VIX). This toolkit includes:

    • A VMI library (libvix) which provides Dom0 userspace code with read/write access to virtual machine memory

    • A set of tools which utilze libvix to allow a system administrator or digital forensics investigator to unobtrusively query virtual machines (DomU) in a manner similar to that possible with common linux command line tools.

  • ASSERT Center faculty and students are involved in the recently formed Xen Introspection Project.

  • ASSERT Center faculty and students, in conjunction with colleagues at the University of California Davis, are investigfating the limitations of VMI, including the extent to which such montioring can be performed unobtrusively (i.e., without the knowledge of a user on the VM being monitered).

For information about the VMI research underway at ASSERT, including how to get involved, contact us via email (you can use this pgp key if necessary)

©ASSERT, University of Alaska Fairbanks, 2010
contact webmaster     pgp key