Towards non-intrusive software introspection and beyond
Files
Accepted manuscript
Date
2020-04
Authors
Mohan, Apoorve
Nadgowda, Shripad
Pipaliya, Bhautik
Varma, Sona
Suneja, Sahil
Isci, Canturk
Cooperman, Gene
Desnoyers, Peter
Krieger, Orran
Turk, Ata
Version
Accepted manuscript
OA Version
Citation
A. Mohan, S. Nadgowda, B. Pipaliya, S. Varma, S. Suneja, C. Isci, G. Cooperman, P. Desnoyers, O. Krieger, A. Turk. 2020. "Towards Non-Intrusive Software Introspection and Beyond." 2020 IEEE International Conference on Cloud Engineering (IC2E). 2020 IEEE International Conference on Cloud Engineering (IC2E). 2020-04-21 - 2020-04-24. https://doi.org/10.1109/ic2e48712.2020.00025
Abstract
Continuous verification and security analysis of software systems are of paramount importance to many organizations. The state-of-the-art for such operations implements agent-based approaches to inspect the provisioned software stack for security and compliance issues. However, this approach, which runs agents on the systems being analyzed, is vulnerable to some attacks, can incur substantial performance impact, and can introduce significant complexity. In this paper, we present the design and prototype implementation of a general-purpose approach for Non-intrusive Software Introspection (NSI). By adhering to NSI, organizations hosting in the cloud can as well control the software introspection workflow with reduced trust in the provider. Experimental analysis of real-world applications demonstrates that NSI presents a lightweight and scalable approach, and has a negligible impact on the performance of applications running on the instance being introspected.