Virtualization-based continuous monitoring services for security
- Main supervisor: Prof. Gerhard Fohler, firstname.lastname@example.org (contact person)
- Co-supervisor: Associate Prof. Nicola Dragoni, email@example.com
- Mandatory requirements for all PhD positions
- Please contact the main supervisor for additional requirements
- Develop virtualization-based continuous monitoring solutions for security, capable of detecting security attacks, which takes advantage of the hypervisor’s access to low-level hardware states.
- Integrate the security solutions into the PikeOS hypervisor.
- Propose an in-depth security solution where every device (FN) contributes to the overall system security.
- Determine how access to hardware by the hypervisor, e.g., control flow analysis and to direct network traffic can be used to assess potentially malicious application behavior.
- Implement prototype intrusion and anomaly detection solutions using real-time machine learning.
- Evaluate the overhead of the implemented solutions.
- Extend SYSGO’s PikeOS hypervisor with the proposed security monitoring services.
Planned visits and collaboration:
- TUKL (Prof. Gerhard Fohler): Evaluate the worst-case overhead of the anomaly detection solutions.
Please contact the main supervisor for a detailed description.
Please contact the main supervisor for relevant publications about the topic area.