Volume 12 - Issue 1
Improvement and Evaluation of a Function for Tracing the Diffusion of Classified Information on KVM
- Hideaki Moriyama
Lecturer at Department of Creative Engineering
hideaki@ariake-nct.ac.jp
- Toshihiro Yamauchi
Associate Professor with the Graduate School of Natural Science and Technology, Okayama University
yamauchi@cs.okayama-u.ac.jp
- Masaya Sato
Faculty of Computer Science and Systems Engineering
- Hideo Taniguchi
2Graduate School of Natural Science and Technology
Keywords: Information leak prevention, performance improvement, virtual machine monitor
Abstract
The leakage of computerized classified information can cause serious losses for companies and individuals.
In a prior work, we addressed this by providing a function for tracing the diffusion of
classified information in a guest operating system (OS). However, that method was vulnerable to
attack and was tightly coupled to the OS. Hence, in another previous work, we applied the tracing
function using a virtual machine monitor that hooks into system calls that handle classified information,
allowing us to understand the diffusion path in a more robust and OS-agnostic fashion. However,
as the overhead of the tracing function increases, so does the performance degradation of each
system call. Hence, in the current research, the processing performance of the tracing function is
further analyzed in depth by identifying the processes that cause the large overhead. We find that the
performance overhead generated by outputting the diffusion path log is too burdensome. Therefore,
improvements are implemented, and the effectiveness of the upgraded performance is described. Ultimately,
the log-output overhead problem is improved.