Virtualization-based continuous monitoring services for security.
- Main supervisor: Dr. Sergey Tverdyshev, firstname.lastname@example.org
- Co-supervisor: Prof. Gerhard Fohler, email@example.com
- Develop virtualization-based continuous monitoring solutions for security that are capable of detecting security attacks and that take advantage of the hypervisor’s access to low-level hardware states.
- Integrate the security solutions into the PikeOS hypervisor.
- Propose an in-depth security solution where every device (FN) contributes to the overall system security.
- Determine how the hypervisor’s access to hardware, e.g., for control flow analysis and to direct network traffic, can be used to assess potentially malicious application behavior.
- Implement prototype intrusion and anomaly detection solutions using real-time machine learning.
- Evaluate the overhead of the implemented solutions.
- Extend SYSGO’s PikeOS hypervisor with the proposed security monitoring services.
Planned visits and collaboration:
- TUKL (Prof. Gerhard Fohler): Evaluate the worst-case overhead of the anomaly detection solutions.