Amit Vasudevan
Association for Computing Machinery
Network
Latest external collaboration on country level. Dive into details by clicking on the dots.
Publication
Featured researches published by Amit Vasudevan.
ieee symposium on security and privacy | 2013
Amit Vasudevan; Sagar Chaki; Limin Jia; Jonathan M. McCune; James Newsome; Anupam Datta
We present the design, implementation, and verification of XMHF- an eXtensible and Modular Hypervisor Framework. XMHF is designed to achieve three goals -- modular extensibility, automated verification, and high performance. XMHF includes a core that provides functionality common to many hypervisor-based security architectures and supports extensions that augment the core with additional security or functional properties while preserving the fundamental hypervisor security property of memory integrity (i.e., ensuring that the hypervisors memory is not modified by software running at a lower privilege level). We verify the memory integrity of the XMHF core -- 6018 lines of code -- using a combination of automated and manual techniques. The model checker CBMC automatically verifies 5208 lines of C code in about 80 seconds using less than 2GB of RAM. We manually audit the remaining 422 lines of C code and 388 lines of assembly language code that are stable and unlikely to change as development proceeds. Our experiments indicate that XMHFs performance is comparable to popular high-performance general-purpose hypervisors for the single guest that it supports.
hawaii international conference on system sciences | 2011
Amit Vasudevan; Ning Qu; Adrian Perrig
We propose XTRec, a primitive that can record the instruction-level execution trace of a commodity computing system. Our primitive is resilient to compromise to provide integrity of the recorded execution trace. We implement XTRec on the AMD platform running the Windows OS. The only software component that is trusted in the system during runtime is XTRec itself, which contains only 2,195 lines of code permitting manual audits to ensure security and safety. We use XTRec to show whether a particular code has been executed on a system, or conversely to prove that some malware has not executed on the system. This is a highly desirable property to ensure information assurance, especially in critical e-government infrastructure. Our experimental results show that the imposed overhead is 2x--4x for real-world applications. This overhead is primarily due to CPU Branch Trace Messages(BTM), a ubiquitous debugging feature used to record control-flow instructions. Hardware improvements to BTM would therefore enable XTRec to run with minimal overhead.
Archive | 2009
Amit Vasudevan; Bryan Parno; Ning Qu; Virgil D. Gligor; Adrian Perrig
Archive | 2009
Amit Vasudevan; Bryan Parno; Ning Qu; Virgil D. Gligor; Adrian Perrig
Archive | 2012
Amit Vasudevan; Jonathan M. McCune; James Newsome
Archive | 2012
Sagar Chaki; Amit Vasudevan; Limin Jia; Jonathan M. McCune; Anupam Datta
Archive | 2015
Amit Vasudevan; Limin Jia; Sagar Chaki; Petros Maniatis; Anupam Datta
Archive | 2014
Jorge Guajardo Merchan; Emmanuel Owusu; Jonathan M. McCune; James Newsome; Adrian Perrig; Amit Vasudevan
Archive | 2012
Sagar Chaki; Amit Vasudevan; Limin Jia; Jonathan M. McCune; Anupam Datta
Archive | 2012
Amit Vasudevan; Jonathan M. McCune; James Newsome