Virtualization-based continuous monitoring services for security
- Important: don’t forget to mention in your application how you found out about the position.
Host: SYSGO, Research and Technology.
- Main supervisor: Dr. Sergey Tverdyshev, sergey.tverdyshev@sysgo.com
- Co-supervisor: Prof. Gerhard Fohler, fohler@eit.uni-kl.de
Requirements:
- Mandatory requirements for all PhD positions
- Please contact the main supervisor for additional requirements
Objectives:
- Develop virtualization-based continuous monitoring solutions for security that detect attacks by taking advantage of the hypervisor’s access to low-level hardware states.
- Integrate the security solutions into the PikeOS hypervisor.
Expected Results:
- Propose an in-depth security solution where every device (FN) contributes to the overall system security.
- Determine how the hypervisor’s access to hardware (e.g., for control flow analysis) and to direct network traffic can be used to assess potentially malicious application behavior.
- Implement prototype intrusion and anomaly detection solutions using real-time machine learning.
- Evaluate the overhead of the implemented solutions.
- Extend SYSGO’s PikeOS hypervisor with the proposed security monitoring services.
Planned visits and collaboration:
- TUKL (Prof. Gerhard Fohler): Evaluate the worst-case overhead of the anomaly detection solutions.
Description:
Please contact the main supervisor for a detailed description.
Relevant publications:
Please contact the main supervisor for relevant publications about the topic area.