Requirements for an Integrity-Protected Hypervisor on the x86 Hardware Virtualized Architecture

Vasudevan, Amit; McCune, Jonathan M.; Qu, Ning; Doorn, Leendert van; Perrig, Adrian

doi:10.1007/978-3-642-13869-0_10

Cited by 14 publications

(6 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…These works tackled the problem of periodically scheduling the SMM to perform integrity verification using a variety of external hardware events. Vasudevan et al [21] further explored the requirements to establish hypervisor integrity verification and protection on the x86 hardware.…”

Section: Related Workmentioning

confidence: 99%

Multi-tiered Security Architecture for ARM via the Virtualization and Security Extensions

Lengyel¹,

Kittel²,

Pfoh³

et al. 2014

2014 25th International Workshop on Database and Expert Systems Applications

View full text Add to dashboard Cite

As the ARM architecture has become the favored platform for the fastest growing computing segment, the mobile market, establishing a sound security architecture on the platform is paramount. The frightening increase in malware for the Android and iOS platforms in addition to the adoption of ARM architectures outside of the mobile market only bolster this need. In this paper, we investigate the ARM architecture as well as its security and virtualization extensions available only on the newest generation of ARM processors. Considering these extensions, we present a concept for a multi-tiered security architecture for mobile computing devices. Our concept combines a custom TrustZone component and leverages the advanced features of the Xen hypervisor to present an all encompassing framework for all aspects of security including both load and runtime verification of critical components, strong isolation between components, and virtual machine introspection for anomaly detection.

show abstract

Section: Related Workmentioning

confidence: 99%

Multi-tiered Security Architecture for ARM via the Virtualization and Security Extensions

Lengyel¹,

Kittel²,

Pfoh³

et al. 2014

2014 25th International Workshop on Database and Expert Systems Applications

View full text Add to dashboard Cite

show abstract

“…Because our method involves virtualization technology, we also make the assumption that the virtual machine monitor (VMM) is always trusted. This is usually a fundamental assumption for hypervisor‐based security researches and is consolidated (although not guaranteed) by existing hypervisor protection mechanisms . In our threat model, we assume the VMM is secure and the attacks to the VMM are out of the scope of this paper.…”

Section: Attack Scenario and Threat Modelmentioning

confidence: 99%

Defending return‐oriented programming based on virtualization techniques

Jia

Wang

Zhang

et al. 2013

Security Comm Networks

View full text Add to dashboard Cite

Over the past few years, return‐oriented programming (ROP) has drawn great attention of both academia and industry. Because of its Turing completeness, ROP reuses short instruction sequences already present in the victim program's address space to perform arbitrary computation. Hence, it can successfully bypass state‐of‐the‐art code integrity check mechanisms. In this paper, we look into using virtualization technologies to defeat return‐oriented programming. We design and implement HyperCropII, a virtualization‐based automatic runtime approach to defend such attacks. ROP attackers extract short instruction sequences ending in ret called “gadgets” and craft stack content to “chain” these gadgets together. We observe that a key characteristic of ROP is to fill the stack with plenty of addresses that are within the range of the program's libraries. Accordingly, we inspect the content of the stack to see if a potential ROP attack exists and quarantine the damages for further security purposes. We have implemented a proof‐of‐concept system based on the open source Xen hypervisor. The evaluation results exhibit that our solution is effective and efficient. Copyright © 2013 John Wiley & Sons, Ltd.

show abstract

“…The fourth and last attack considers a hypothetical cloud with a security level much higher than what we considered so far. This cloud uses integrity-protected hypervisors, i.e., hypervisors that have a certain configuration and are protected against modification [23], [20]. This protection is obtained by using a trusted boot process that involves the Trusted Platform Module (TPM) to assure the user that a certain hypervisor and software configuration was started.…”

Section: Virtual Machine Relocationmentioning

confidence: 99%

Lucy in the sky without diamonds: Stealing confidential data in the cloud

Rocha

Correia

2011

2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks Workshops (DSN-W)

130

View full text Add to dashboard Cite

Cloud Computing is a recent paradigm that is creating high expectations about benefits such as the payper-use model and elasticity of resources. However, with this optimism come also concerns about security. In a public cloud, the user's data storage and processing is no longer done inside its premises, but in data centers owned and administrated by the cloud provider. This may be a concern for organizations that deal with critical data, such as medical records. We show that a malicious insider can steal confidential data of the cloud user, so the user is mostly left with trusting the cloud provider. The paper achieves this goal by showing a set of attacks that demonstrate how a malicious insider can easily obtain passwords, cryptographic keys, files and other confidential data. Additionally, the paper shows that recent research results that might be useful to protect data in the cloud, are still not enough to deal with the problem. The paper is a call to arms for research in the topic.

show abstract

Requirements for an Integrity-Protected Hypervisor on the x86 Hardware Virtualized Architecture

Cited by 14 publications

References 13 publications

Multi-tiered Security Architecture for ARM via the Virtualization and Security Extensions

Multi-tiered Security Architecture for ARM via the Virtualization and Security Extensions

Defending return‐oriented programming based on virtualization techniques

Lucy in the sky without diamonds: Stealing confidential data in the cloud

Contact Info

Product

Resources

About