Skip to main content
SpringerLink
Log in

HERO vs Zombie: Destroying Zombie Guests in Virtual Machine Environments

  • Conference paper
  • First Online:
Model-Driven Engineering and Software Development (MODELSWARD 2021, MODELSWARD 2022)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1708))

  • 153 Accesses

Abstract

Virtual servers are now standard in data centres. Multiple virtual machines (guests) are consolidated on much fewer hosts on-site or on “the cloud”, Thus saving most of the hosting costs. Virtual servers serve most of our computational needs. However, virtual machines consume no physical space. Thus abandoned servers are often unnoticed. The system administrators do not delete the servers. Sometimes the administrators do not know the servers are not in use. (Some servers often “become” unused as business processes changes, and the System administrators are not informed when the last user no longer uses the server) These servers are known as “zombie” machines. “Zombie” machines waste resources and (as they are left unattended and unpatched) pose a cyber security risk. We present HERO (Host Environment Resource Optimization). HERO is a novel tool to optimize resource use and security. HERO uses multiple tests and machine learning approaches to assist system administrators in identifying and removing “zombie” machines.

N. J. Zaidenberg—This chapter is an extended version of a conference paper [11].

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 59.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 79.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. wook Baek, H., Srivastava, A., Van der Merwe, J.: Cloudvmi: virtual machine introspection as a cloud service. In: 2014 IEEE International Conference on Cloud Engineering, pp. 153–158. IEEE (2014)

    Google Scholar 

  2. Belanger, S., Casemore, B.: “Exploring the impact of infrastructure virtualization on digital transformation strategies and carbon emissions”’ an idc white paper, sponsored by vmware

    Google Scholar 

  3. Ben Yehuda, R., Shlingbaum, E., Gershfeld, Y., Tayouri, S., Zaidenberg, N.J.: Hypervisor memory acquisition for arm. Forensic Sci. Int. Dig. Invest. 37, 301106 (2021)

    Google Scholar 

  4. Bila, N., de Lara, E., Joshi, K., Lagar-Cavilla, H.A., Hiltunen, M., Satyanarayanan, M.: Jettison: Efficient idle desktop consolidation with partial VM migration. In: Proceedings of the 7th ACM European Conference on Computer Systems, pp. 211–224 (2012)

    Google Scholar 

  5. Block, F., Dewald, A.: Linux memory forensics: dissecting the user space process heap. Digit. Invest. 22, S66–S75 (2017)

    Article  Google Scholar 

  6. Carroll, M., Kotzé, P., Van der Merwe, A.: Secure virtualization: benefits, risks and constraints (2011)

    Google Scholar 

  7. Case, A., Richard, G.G., III.: Memory forensics: the path forward. Digit. Invest. 20, 23–33 (2017)

    Article  Google Scholar 

  8. Cohen, N., Bremler-Barr, A.: Graph-based cloud resource cleanup

    Google Scholar 

  9. Colman-Meixner, C., Develder, C., Tornatore, M., Mukherjee, B.: A survey on resiliency techniques in cloud computing infrastructures and applications. IEEE Commun. Surv. Tutor. 18(3), 2244–2281 (2016)

    Article  Google Scholar 

  10. Colman-Meixner, C., Develder, C., Tornatore, M., Mukherjee, B.: A survey on resiliency techniques in cloud computing infrastructures and applications. IEEE Commun. Surv. Tutor. 18(3), 2244–2281 (2016). https://doi.org/10.1109/COMST.2016.2531104

    Article  Google Scholar 

  11. Elinav, Y., Moshinky, A., Siag, L., Zaidenberg, N.J.: Hero vs. zombie: identifying zombie guests in a virtual machine environment. In: MODELSWARD. INSTICC (2021)

    Google Scholar 

  12. Fesl, J., Gokhale, V., Feslová, M.: Efficient virtual machine consolidation approach based on user inactivity detection. Cloud Comput. 2019, 115 (2019)

    Google Scholar 

  13. Galante, G., de Bona, L.C.E.: A survey on cloud computing elasticity. In: 2012 IEEE Fifth International Conference on Utility and Cloud Computing, pp. 263–270. IEEE (2012)

    Google Scholar 

  14. Georgiou, S., Tsakalozos, K., Delis, A.: Exploiting network-topology awareness for VM placement in IAAS clouds. In: 2013 International Conference on Cloud and Green Computing, pp. 151–158. IEEE (2013)

    Google Scholar 

  15. Graziano, M., Lanzi, A., Balzarotti, D.: Hypervisor memory forensics. In: Stolfo, S.J., Stavrou, A., Wright, C.V. (eds.) RAID 2013. LNCS, vol. 8145, pp. 21–40. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-41284-4_2

    Chapter  Google Scholar 

  16. Großmann, M., Schenk, C.: A comparison of monitoring approaches for virtualized services at the network edge. In: 2018 International Conference on Internet of Things, Embedded Systems and Communications (IINTEC), pp. 85–90. IEEE (2018)

    Google Scholar 

  17. Habib, I.: Virtualization with KVM. Linux J. 2008(166), 8 (2008)

    Google Scholar 

  18. Hernantes, J., Gallardo, G., Serrano, N.: It infrastructure-monitoring tools. IEEE Softw. 32(4), 88–93 (2015)

    Article  Google Scholar 

  19. Kedia, P., Nagpal, R., Singh, T.P.: A survey on virtualization service providers, security issues, tools and future trends. Int. J. Comput. Appl. 69(24) (2013)

    Google Scholar 

  20. Kim, I.K., Zeng, S., Young, C., Hwang, J., Humphrey, M.: A supervised learning model for identifying inactive VMS in private cloud data centers. In: Proceedings of the Industrial Track of the 17th International Middleware Conference, pp. 1–7 (2016)

    Google Scholar 

  21. Kim, I.K., Zeng, S., Young, C., Hwang, J., Humphrey, M.: ICSI: a cloud garbage VM collector for addressing inactive VMs with machine learning. In: 2017 IEEE International Conference on Cloud Engineering (IC2E), pp. 17–28. IEEE (2017)

    Google Scholar 

  22. Kiperberg, M., Leon, R., Resh, A., Algawi, A., Zaidenberg, N.: Hypervisor-assisted atomic memory acquisition in modern systems. In: International Conference on Information Systems Security and Privacy. SCITEPRESS Science And Technology Publications (2019)

    Google Scholar 

  23. Kiperberg, M., Zaidenberg, N.J.: H-kpp: Hypervisor-assisted kernel patch protection. Applied Sciences 12(10) (2022). https://doi.org/10.3390/app12105076, https://www.mdpi.com/2076-3417/12/10/5076

  24. Koomey, J., Taylor, J.: Zombie/comatose servers redux. Report by Koomey Analytics and Anthesis. Recuperado de http://anthesisgroup. com/zombie-servers-redux (2017)

    Google Scholar 

  25. Kovari, A., Dukan, P.: KVM & openvz virtualization based IAAS open source cloud virtualization platforms: opennode, proxmox ve. In: 2012 IEEE 10th Jubilee International Symposium on Intelligent Systems and Informatics, pp. 335–339. IEEE (2012)

    Google Scholar 

  26. Luo, S., Lin, Z., Chen, X., Yang, Z., Chen, J.: Virtualization security for cloud computing service. In: 2011 International Conference on Cloud and Service Computing, pp. 174–179. IEEE (2011)

    Google Scholar 

  27. Mauro, A., Valsecchi, P., Novak, K.: Mastering VMware vSphere 6.5: leverage the power of vSphere for effective virtualization, administration, management and monitoring of data centers. Packt Publishing Ltd. (2017)

    Google Scholar 

  28. Mazumdar, S., Pranzo, M.: Power efficient server consolidation for cloud data center. Futur. Gener. Comput. Syst. 70, 4–16 (2017)

    Article  Google Scholar 

  29. Padgham, L., Winikoff, M.: Prometheus: a methodology for developing intelligent agents. In: Giunchiglia, F., Odell, J., Weiß, G. (eds.) AOSE 2002. LNCS, vol. 2585, pp. 174–185. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36540-0_14

    Chapter  Google Scholar 

  30. Padgham, L., Winikoff, M.: Prometheus: a practical agent-oriented methodology. In: Agent-Oriented Methodologies, pp. 107–135. IGI Global (2005)

    Google Scholar 

  31. Payne, B.D.: Simplifying virtual machine introspection using LIBVMI. Sandia report, pp. 43–44 (2012)

    Google Scholar 

  32. Pettit, J., Pfaff, B., Stringer, J., Tu, C.C., Blanco, B., Tessmer, A.: Bringing platform harmony to vmware nsx (2018)

    Google Scholar 

  33. Ray, E., Schultz, E.: Virtualization security. In: Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies, pp. 1–5 (2009)

    Google Scholar 

  34. Sapp, K.L.: Managing Virtual Infrastructure with Veeam® ONE™. Packt Publishing Ltd (2014)

    Google Scholar 

  35. Shen, Z., Young, C.C., Zeng, S., Murthy, K., Bai, K.: Identifying resources for cloud garbage collection. In: 2016 12th International Conference on Network and Service Management (CNSM), pp. 248–252. IEEE (2016)

    Google Scholar 

  36. Steinder, M., Whalley, I., Carrera, D., Gaweda, I., Chess, D.: Server virtualization in autonomic management of heterogeneous workloads. In: 2007 10th IFIP/IEEE International Symposium on Integrated Network Management, pp. 139–148. IEEE (2007)

    Google Scholar 

  37. Suchithra, R., Rajkumar, N.: Efficient migration-a leading solution for server consolidation. Int. J. Comput. Appl. 60(18) (2012)

    Google Scholar 

  38. Zaidenberg, N.J.: Hardware rooted security in industry 4.0 systems. In: Cyber Defence in Industry 4.0 Systems and Related Logistics and IT Infrastructures, vol. 51, pp. 135–151 (2018)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Ariel University, Ariel, Israel

    Nezer Jacob Zaidenberg, Michael Kiperberg, Yael Elinav, Alex Moshinky & Lior Siag

  2. Shamoon College of Engineering, Beer-Sheva, Israel

    Nezer Jacob Zaidenberg, Michael Kiperberg, Yael Elinav, Alex Moshinky & Lior Siag

  3. University of Jyväskylä, Jyväskylä, Finland

    Nezer Jacob Zaidenberg, Michael Kiperberg, Yael Elinav, Alex Moshinky & Lior Siag

Authors
  1. Nezer Jacob Zaidenberg
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Michael Kiperberg
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yael Elinav
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Alex Moshinky
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Lior Siag
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Nezer Jacob Zaidenberg .

Editor information

Editors and Affiliations

  1. University of Twente, Enschede, The Netherlands

    Luís Ferreira Pires

  2. ESEO, ERIS, Angers, France

    Slimane Hammoudi

  3. Model Driven Solutions, Herndon, VA, USA

    Edwin Seidewitz

Rights and permissions

Reprints and permissions

Copyright information

© 2023 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Zaidenberg, N.J., Kiperberg, M., Elinav, Y., Moshinky, A., Siag, L. (2023). HERO vs Zombie: Destroying Zombie Guests in Virtual Machine Environments. In: Pires, L.F., Hammoudi, S., Seidewitz, E. (eds) Model-Driven Engineering and Software Development. MODELSWARD MODELSWARD 2021 2022. Communications in Computer and Information Science, vol 1708. Springer, Cham. https://doi.org/10.1007/978-3-031-38821-7_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-38821-7_3

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-38820-0

  • Online ISBN: 978-3-031-38821-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation