Identifying Weaknesses in VM/Hypervisor Interfaces
Hawaii International Conference on System Sciences

Identifying Weaknesses in VM/Hypervisor Interfaces

Lucas McDaniel, Department of Computer Science, University of Alaska Fairbanks
Kara Nance, Department of Computer Science, University of Alaska Fairbanks

Abstract

As cloud and virtualized environments become more widely used to solve challenges faced by companies of all sizes, it is increasingly likely that this infrastructure will be a common focus of attacks in the years to come. Successful attacks against this infrastructure could allow an attacker to break out of the virtual environment and gain control of the physical infrastructure, effectively compromising the entire system. Given the recent surge in the development and deployment of these environments, it is reasonable to expect that these systems have not undergone the same amount of testing that comes with age and wide acceptance, and which we often require for critical services. Therefore, in-depth analysis of the attack surfaces exposed by these environments is necessary to ensure the security of these systems. This paper describes a Cyber Fast Track (CFT) project to create a testing framework to analyze the interfaces exposed by several hypervisors to potentially untrusted users (inside VMs) for vulnerabilities. The methods used consist of random input testing of emulated devices by intercepting and modifying valid device I/O with a state-aware system. These techniques are general enough that they may be extended to test many interfaces across a wide range of virtualization systems. This project then uses this tool against current versions of several virtualization systems with the ultimate goal of informing developers and system administrators alike about potential vulnerabilities in these systems.
Keywords: Virtualization, Cloud Security, Hypervisor, Automatic Test Generation

1 INTRODUCTION

Cloud computing and virtualization systems are quickly becoming standard additions to many companies' computing infrastructures, as these types of systems offer very tangible benefits in the form of reduced cost, elasticity, increased efficiency, and unparalleled mobility. Critical systems can be virtualized to offer an increased level of resilience and reliability at minimal technical cost. The ability to dynamically modify the hardware of a virtual server, as well as relocate it to a different datacenter with practically zero downtime, are features that can easily be utilized by any company. It is easy to see how these advantages can overshadow the risks associated with the virtualization of critical systems. This can lead to the adoption of cloud-based solutions which may not be well understood by the system administrators and managers weighing the benefits of migrating to virtual systems, or even by the developers and architects of virtualization systems. It is naïve to treat these virtualization components as simply another physical hard drive or server without fully analyzing the risks inherent to this approach. Virtualization at its core is designed to add a layer of abstraction between an application and an execution environment, ideally to gain some tangible benefit such as greater security [1], portability [2], or the ability to share resources [3]. However, this layer of abstraction provides an additional attack surface, and a potential break through this layer of abstraction is a factor that needs to be taken into consideration. One of the goals of this project is to present a tool which can be used to give system administrators and managers a better understanding of these risks through empirical means. Attacks against the virtualization layer are a real threat [4, 5, 6, 7].
Since the virtualization layer interacts with virtual machines and the underlying hardware, the interface between the hardware and a VM, as well as between two VMs, is potentially a target for attack. Such interfaces could allow an attacker to break out of the virtual environment and gain control of the virtualization layer, allowing them direct (and hard to detect) access to the physical infrastructure and all VMs running on it. Virtualization suites are complex software systems, and are extremely likely to contain multiple vulnerabilities that have yet to be discovered (at least publicly). The purpose of this research effort is to address the asymmetry in which attackers can target this relatively unexplored layer to find vulnerabilities and develop exploits, while defenders are generally left to patch systems after the fact when vulnerabilities are made public. By providing an automated testing framework that can be used to proactively identify vulnerabilities in the common VM/hypervisor interfaces, we can allow system administrators to more easily defend their systems, system managers to more accurately determine the risks of virtualization and cloud computing, and the developers and architects of virtualization systems to identify vulnerable code segments and more clearly understand the implications of their design choices. Currently, testing of these interfaces tends to focus on functionality, and as such the priority tends to be ensuring that valid and predictable commands produce valid and predictable outputs [8]. The proposed method takes the approach more typically taken by those seeking to compromise systems (i.e., determining the response of a system to invalid or unexpected inputs or operations). In short, this project builds a testing framework aimed at the VM/hypervisor interfaces. The primary interfaces targeted during this initial effort were device drivers for several commonly found emulated virtual devices within VMs (e.g., a device driver for a virtual network card). However, the techniques developed are expected to be generalizable to other interfaces as necessary (e.g., VM/hypervisor communication and optimization interfaces such as VMware Tools).

2 BACKGROUND

Understanding current trends for the use and testing of virtualization environments is the key motivating factor for this project. This project extends previous work done to test emulations in similar manners and provides a framework for performing these types of tests within the kernel.

2.1 Virtualization

Virtualization is certainly a mainstream component of enterprise IT server environments, and is also seeing increasing use in the workstation arena.
It is also a fundamental driver of cloud computing, which is becoming a common fixture across the spectrum from home to enterprise computing environments. In light of that, the primary use case is one of providing virtualization system developers, architects, and administrators with insight into the weaknesses in both implementations and architectures. Because virtualization is at the heart of many of today's IT systems (again, touching all levels of computing from home to enterprise, including the cloud), vulnerabilities in the virtualization layer can have significant impacts on the security of many of today's systems. For example, a business that deploys infrastructure in the cloud, and the cloud provider making that system available, may understand the risks of traditional external attack against that system, and may take steps to appropriately mitigate that risk (such as OS- and application-level configurations). However, it is likely that neither the business nor the cloud provider currently understands the risk associated with attacks against the virtualization layer itself, and as such may be providing quite inadequate protection against the threats they are actually facing [9]. At the highest level, the technical objective of this effort was to design and implement a test suite that can identify vulnerable components of the various VM/hypervisor interfaces. Such interfaces include a wide range of device drivers for emulated/virtual hardware devices, including network devices, storage devices, audio devices, and graphics devices, as well as the virtualized PCI implementation. These attack surfaces are exposed to users of the VM itself, who can, in the case of public clouds such as EC2 or compromised VMs in enterprise infrastructure, be attackers looking to gain control over the underlying physical infrastructure (and through that, access to all VMs running on it).
The interfaces can also potentially be exposed to external users and systems (e.g., an external system can interact with device drivers on a VM to some extent by sending network traffic to that VM). In order to test for vulnerabilities, we need a very granular method of monitoring and modifying the data sent to and received from these interfaces. Instead of testing a virtual environment by sending completely random and unstructured data to the targets, this project implemented a mechanism that can intercept and modify valid and structured data to allow for a more complete testing footprint. In order to accomplish this, the interface for each target was modified by inserting a wrapper around the function(s) for each testable operation. A set of at least commonly used interfaces across several virtualization packages was modified and analyzed throughout this project. Even after this level of control is established, it is beneficial to also control when the data will be altered, as certain vulnerabilities may be exposed only after the device has been properly initialized and configured. This was achieved by dynamically generating rules, customizable by a tester, that describe when the data sent to or from an operation will be altered. By including this as the primary mechanism for altering the environment, not only can general rules be used across a wide range of targets, but sets of rules can also be honed to test a specific section of a target.

2.2 Related Work

Random input testing is a common method of analyzing software, and it has even been used to test virtualization packages [10, 13]. However, previous work testing emulated devices has been limited in the interfaces tested. Additionally, existing testing suites for virtualization packages largely focus on ensuring functionality is maintained across patches and updates, instead of identifying exploitable vulnerabilities and ensuring hardened systems [8]. This tool was designed to provide an automated method of analyzing new versions of virtualization packages that can be integrated into current testing suites. Random input testing has proven to be highly successful at finding bugs within virtualization packages over the years:

Cloudburst (2009). Discovered by researchers at Immunity, Inc., Cloudburst was a series of attacks on VMware's SVGA II emulation, some of which allowed for arbitrary code injection on the host [5].

Virtunoid (2011). Discovered by Nelson Elhage, Virtunoid was an attack on KVM's hot plug checking routine during device removals that allowed for arbitrary code injection [6].

In 2007, Tavis Ormandy produced a paper describing a series of bugs across many virtualization platforms generated by using crashme and a tool designed to simulate random IO port activity [4].

This is but a small list of the vulnerabilities independent researchers have discovered in virtualization systems, and the magnitude of these attacks should be indicative of the possibility of non-publicly available attacks of similar scale.

3 RESEARCH

A preliminary project was conducted using techniques similar to those used in previous projects, to gain a thorough understanding of how these methods hold up against modern systems. This focused largely on analyzing the attack surface exposed by device communication methods. For the sake of simplicity, the following statements regarding this communication process apply only to the x86 architecture.
3.1 Device Communication

There are two main communication methods that were analyzed during the preliminary project: Memory Mapped IO (MMIO) and IO ports. IO ports share many similarities with network sockets in that there are numbered ports and values can be written to and read from them. The main difference is the size of the values that may be sent, which is limited to 8, 16, or 32 bits, and only one value at any given time. MMIO, on the other hand, acts very much like standard memory, as the name implies, since it uses a region of the corresponding address bus. Both of these regions are accessed through a series of kernel wrapper functions. These mappings are initialized when the device is being configured, after the appropriate driver has been found and loaded into the kernel [11]. For PCI devices, which make up the majority of the emulations tested during this project, this is done in the driver's corresponding PCI probe function. Once these mappings have been set up, they become the primary method for the driver to communicate with the device. While it is possible to access both MMIO and IO ports (after IO ports have been remapped to memory addresses) by dereferencing a void pointer, standard practice dictates that such communication should take place through a series of kernel wrapper functions: MMIO: io(read|write)( ); IO ports: (in|out)(b|w|d). For example, outb(0x378, 0xff) would write the value 0xff to IO port 0x378, and ioread8(0xf ) would return the byte value at memory address 0xF . It deserves to be mentioned that these methods of device access are common across many bus architectures; however, there are alternate methods to achieve this end. Direct Memory Access (DMA) is a very popular option for passing data between the driver and the emulation because it does not require the CPU to facilitate the transfer.
Once a DMA controller has been initialized (and the device has been set to be bus master), it is common for devices to transfer large blocks of data (e.g., frame buffers, network packets) through the controller, since the driver doesn't need to call kernel functions and thus the CPU is not required to transfer the data. Since this method lacks appropriate functions to wrap, there isn't a direct method of altering data sent through DMA controllers.

3.2 Preliminary Testing

Preliminary testing consisted largely of writing random values to the shared MMIO regions or IO ports to determine how the driver and emulated device would handle such alterations. Linux exposes these areas directly to userspace through convenient interfaces: /dev/port and /dev/mem. It should be noted that many distributions disallow access to /dev/mem by compiling the kernel with STRICT_DEVMEM enabled, to protect against some types of attack [12]. In order to use these interfaces for testing, the appropriate mappings need to be known. This information can be extracted from /proc/ioports, /proc/iomem, and lspci. Preliminary testing first required creating several VM configurations using as many types of emulations as possible, and repeating this for several virtualization platforms. A basic shell script was used to dd sections of
/dev/urandom to sections of mapped memory and IO ports. While such methods lack any sophisticated knowledge of the device state and the structure of the data contained in these regions, this technique is remarkably useful for finding emulations that crash, and it reduced the list of emulations to check for the main project. A brief overview of these results can be found in the Results section.

4 CHALLENGES

There were several challenges identified prior to and during the execution of this CFT project. These include technical challenges, attack surface impact, and the adversary perspective.

4.1 Technical Challenges

There are several technical challenges for this project, which include modifying a range of interfaces correctly and in a manner that can be generalized to a wide range of targets, and potentially having other components of the VM, including the kernel, intercept altered data on its way to the devices (meaning that we are in effect testing other components of the system instead of the VM/hypervisor interfaces). It is simply not practical to gain a thorough understanding of all the internal intricacies of a large number of drivers, for example; however, the testing utility is designed to allow analysis to be performed without requiring this high level of understanding. All analysis is performed by modifying the VM/hypervisor interface functions (e.g., driver read or write functions) to alter the data inline based on the defined test rules. Furthermore, when necessary, the interface states can in most cases be determined by observing the common target structures (e.g., the pci_driver struct). While inadvertently targeting other components of the VM, such as the kernel, is to some extent probably unavoidable, modifying the data as close as possible to its point of use reduces this risk. We can further reduce the risk of unintentionally putting the kernel into an inoperable state by restarting the VM with a new set of rules at predefined time intervals.
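As an added example (not the paper's tool) of the first step in Section 3.2, knowing a driver's mappings before any test is run: a parser for the /proc/ioports and /proc/iomem line format, run over a constructed sample listing. The sample ranges, the device name e1000 and the function names are all assumptions made for this example.

```c
/* Added example (not the paper's tool): parse the /proc/ioports and
 * /proc/iomem line format ("start-end : owner", indented two spaces per
 * nesting level) to find the ranges a named driver has claimed. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct io_region {
    unsigned long start;   /* first port/address of the range */
    unsigned long end;     /* last port/address (inclusive) */
    int depth;             /* nesting level in the kernel's listing */
    char name[64];         /* owner as listed by the kernel */
};

/* Parse one "start-end : name" line; returns 1 on success, 0 otherwise. */
static int parse_resource_line(const char *line, struct io_region *r)
{
    int spaces = 0;
    while (*line == ' ') { line++; spaces++; }

    char *endp;
    unsigned long start = strtoul(line, &endp, 16);
    if (endp == line || *endp != '-') return 0;
    const char *p = endp + 1;
    unsigned long end = strtoul(p, &endp, 16);
    if (endp == p || strncmp(endp, " : ", 3) != 0) return 0;

    const char *name = endp + 3;
    size_t len = strcspn(name, "\r\n");
    if (len == 0) return 0;
    if (len >= sizeof r->name) len = sizeof r->name - 1;
    r->start = start; r->end = end; r->depth = spaces / 2;
    memcpy(r->name, name, len); r->name[len] = '\0';
    return 1;
}

/* Scan a whole listing (newline-separated text) and collect every region
 * whose owner equals name. Returns the number of regions stored in out. */
static int find_regions(const char *text, const char *name,
                        struct io_region *out, int max)
{
    int n = 0;
    const char *p = text;
    while (*p && n < max) {
        const char *nl = strchr(p, '\n');
        size_t full = nl ? (size_t)(nl - p) : strlen(p);
        char line[256];
        size_t len = full < sizeof line ? full : sizeof line - 1;
        memcpy(line, p, len); line[len] = '\0';
        struct io_region r;
        if (parse_resource_line(line, &r) && strcmp(r.name, name) == 0)
            out[n++] = r;
        p = nl ? nl + 1 : p + full;
    }
    return n;
}

/* Number of ports/bytes covered by a region (ranges are inclusive). */
static unsigned long region_size(const struct io_region *r)
{
    return r->end - r->start + 1;
}

/* Constructed samples in the kernel's listing format; not real dumps. */
static const char SAMPLE_IOPORTS[] =
    "0000-0cf7 : PCI Bus 0000:00\n"
    "  0000-001f : dma1\n"
    "  0378-037a : parport0\n"
    "  0cf8-0cff : PCI conf1\n"
    "c000-c03f : 0000:00:03.0\n"
    "  c000-c03f : e1000\n";

static const char SAMPLE_IOMEM[] =
    "00000000-0009fbff : System RAM\n"
    "fe000000-fe01ffff : 0000:00:03.0\n"
    "  fe000000-fe01ffff : e1000\n"
    "fec00000-fec003ff : IOAPIC 0\n";

int main(void)
{
    struct io_region regs[8];
    int n = find_regions(SAMPLE_IOPORTS, "e1000", regs, 8);
    for (int i = 0; i < n; i++)
        printf("ports 0x%04lx-0x%04lx (%lu ports)\n", regs[i].start,
               regs[i].end, region_size(&regs[i]));
    n = find_regions(SAMPLE_IOMEM, "e1000", regs, 8);
    for (int i = 0; i < n; i++)
        printf("mmio  0x%08lx-0x%08lx (%lu bytes)\n", regs[i].start,
               regs[i].end, region_size(&regs[i]));
    return 0;
}
```

On a real guest the same functions would be fed the contents of /proc/ioports and /proc/iomem read from the running kernel.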
4.2 Impact

Attack surfaces are neither directly enlarged nor shrunk as a direct result of this tool (as it will not run on a VM we are attempting to protect). However, what will change is our understanding of the attack surfaces that already exist. Such understanding will allow the developers and architects of virtualized systems to identify weaknesses and engineer more resilient systems, system administrators to defend their systems more completely (e.g., by blocking inbound traffic that may be valid for the network, but hazardous to the networking stack of a VM), and managers to more completely evaluate the risks of virtualized (and cloud-based) systems.

4.3 Adversary

This project doesn't change the playing field by making attacks on the VM/hypervisor interfaces infeasible, nor does it alter how such attacks could be performed. Instead, this project gives developers and the security community the tools to analyze implementations in the same manner that an attacker would search for vulnerabilities. By providing an easy to use and automated method of analyzing implementations, we can identify areas of weakness in both implementations and architectures, and thereby ensure that current deployments can be updated or reconfigured to address existing vulnerabilities, and that future versions can be designed based on the lessons learned from this analysis. It is possible that this tool may empower an attacker to discover more vulnerabilities in a system. Since this tool is user agnostic, it is effective for both the defender and the adversary. By adding interfaces (e.g., additional device drivers) to the test suite for this tool, the adversary may be able to identify new vulnerabilities. As we focus on implementing the most commonly used interfaces in this project, we expect that this benefit for the adversary will be limited to less common configurations (and will decline as more interfaces are added to the tool over time).
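The inline alteration described in Section 4.1, together with the state check, rule match and pre-access logging of the driver backend described in Section 5.2 below, as an added example that is not the paper's tool: the device is a constructed in-memory register file standing in for outb()/inb(), and the state names, rule layout and function names (tst_outb, tst_inb, run_driver_sequence) are assumptions made for this example.

```c
/* Added example (not the paper's tool): state-aware wrappers around device
 * port accesses. Each read/write checks the driver state against a rule set,
 * logs the access, then performs it, altered if a rule fired. */
#include <stdio.h>

enum drv_state { ST_PROBE = 0, ST_CONFIGURED, ST_RUNNING };

struct rule {
    enum drv_state state;      /* fires only while the driver is in this state */
    int on_write;              /* 1: applies to writes, 0: applies to reads */
    unsigned addr_lo, addr_hi; /* port (or MMIO offset) range, inclusive */
    unsigned char value;       /* value substituted when the rule fires */
    int hits;                  /* how many times the rule has fired */
};

struct log_entry {
    enum drv_state state; int is_write; unsigned addr;
    unsigned char orig, used;  /* value the driver intended / value actually used */
    int rule;                  /* index of the rule that fired, -1 if none */
};

#define MAX_LOG 64
struct test_ctx {
    enum drv_state state;      /* in the paper this state lives in pci_dev */
    struct rule *rules;
    int nrules;
    struct log_entry log[MAX_LOG];
    int nlog;
};

/* Constructed device stand-in; a real driver would call outb()/inb() here. */
static unsigned char dev_regs[256];
static void dev_outb(unsigned addr, unsigned char v) { dev_regs[addr & 0xff] = v; }
static unsigned char dev_inb(unsigned addr) { return dev_regs[addr & 0xff]; }

/* Index of the first rule matching state, direction and address, else -1. */
static int match_rule(const struct test_ctx *c, int is_write, unsigned addr)
{
    for (int i = 0; i < c->nrules; i++) {
        const struct rule *r = &c->rules[i];
        if (r->state == c->state && r->on_write == is_write &&
            addr >= r->addr_lo && addr <= r->addr_hi)
            return i;
    }
    return -1;
}

/* Record state and rule hit before the access is performed (as in 5.2). */
static void log_access(struct test_ctx *c, int is_write, unsigned addr,
                       unsigned char orig, unsigned char used, int rule)
{
    if (c->nlog >= MAX_LOG) return;
    struct log_entry e = { c->state, is_write, addr, orig, used, rule };
    c->log[c->nlog++] = e;
}

/* Wrapper that replaces outb() in the modified driver. */
static void tst_outb(struct test_ctx *c, unsigned addr, unsigned char v)
{
    int idx = match_rule(c, 1, addr);
    unsigned char used = idx >= 0 ? c->rules[idx].value : v;
    if (idx >= 0) c->rules[idx].hits++;
    log_access(c, 1, addr, v, used, idx);
    dev_outb(addr, used);
}

/* Wrapper that replaces inb(): a rule alters the value the driver sees. */
static unsigned char tst_inb(struct test_ctx *c, unsigned addr)
{
    unsigned char v = dev_inb(addr);
    int idx = match_rule(c, 0, addr);
    unsigned char used = idx >= 0 ? c->rules[idx].value : v;
    if (idx >= 0) c->rules[idx].hits++;
    log_access(c, 0, addr, v, used, idx);
    return used;
}

/* Simplified driver bring-up: reset during probe, set a control register once
 * configured, enable TX when running, then read it back. Returns rule hits. */
static int run_driver_sequence(struct test_ctx *c)
{
    c->state = ST_PROBE;      tst_outb(c, 0x00, 0x01);
    c->state = ST_CONFIGURED; tst_outb(c, 0x10, 0x04);
    c->state = ST_RUNNING;    tst_outb(c, 0x10, 0x08);
    (void)tst_inb(c, 0x10);
    int hits = 0;
    for (int i = 0; i < c->nrules; i++) hits += c->rules[i].hits;
    return hits;
}

int main(void)
{
    /* Rule: only once RUNNING, replace writes to ports 0x10-0x13 with 0xff. */
    struct rule rules[] = { { ST_RUNNING, 1, 0x10, 0x13, 0xff, 0 } };
    struct test_ctx ctx = { .state = ST_PROBE, .rules = rules, .nrules = 1 };
    int hits = run_driver_sequence(&ctx);
    for (int i = 0; i < ctx.nlog; i++)
        printf("state=%d %s 0x%02x orig=0x%02x used=0x%02x rule=%d\n", ctx.log[i].state,
               ctx.log[i].is_write ? "W" : "R", ctx.log[i].addr, ctx.log[i].orig,
               ctx.log[i].used, ctx.log[i].rule);
    printf("rule hits: %d (register 0x10 holds 0x%02x)\n", hits, dev_regs[0x10]);
    return 0;
}
```

The same write to port 0x10 passes through untouched while the driver is still configuring and is only altered once the RUNNING state is reached, which is the state-gating the paper uses to reach bugs that appear only after device initialization.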
5 DESIGN

The testing environment is set up with multiple hypervisors, each with multiple VMs, all connected to each other via a local area network. For this project, we focused on KVM, Xen and ESXi, but several additional hypervisors were chosen for the preliminary testing. The controller, also on this network, manages the rule generation and logging for the entire system. The controller starts by turning on all relevant VMs and sending their rule sets via serial ports that are connected over the local network. Each driver loads its set of rules and performs standard operations, always checking to see if a rule has been triggered and how the triggered rule should react. All logging is sent back to the controller through the same communication channel and stored in a database. After a fixed length of time has passed, the VM's state is checked to ensure it has not crashed, and then all VMs are power cycled and given a new rule set to use.

In order to appropriately modify reads and writes to the device, each driver needs to be modified to wrap all such functions. The project was designed with this in mind, so that very few additions need to be placed into the driver that will be testing the emulation, and the bulk of the management comes from an additional kernel module which takes care of logging and rule checking. The structure can be broken down into how each driver was modified, how these modifications interact with the backend, and how rules can be applied to alter the operations.

5.1 Driver Modifications

Each driver was modified to allow for two types of tests to be run, which are referred to as Common Interface and Atomic Operations. The drivers chosen for modification consisted of a selection of network, disk, audio, and graphics drivers used to control various emulated devices.

Common Interface

The goal of the Common Interface is to monitor internal state information of the driver and wrap each device access function so that accesses can be altered when a certain state has been reached. The "common" term is used since a tester who creates a set of rules to test one emulation may use the same set of rules to test another emulation, provided they share similar states. The internal state information is saved in a structure located in the pci_dev struct, and external functions are called to determine if a rule has been met.

Atomic Operations

Atomic Operations are defined as a series of reads or writes to the device (or a series of functions that are called to perform such actions) that are deterministic and reliable in execution, such as a network driver enabling TX buffers before RX buffers. Adding a few jump labels, as well as a control block to manage when these labels should be jumped to, allows this reliance to be tested by changing the order of certain functions, and repeating or ignoring sections of the driver. The "atomic" term is used to signify that at the driver level, these operations are indivisible sets of reads and writes that, once started, must always be completed in the same order.

5.2 Driver Backend

The backend consists of another driver (normally compiled into the kernel) which manages loading rules, logging, storing state information, determining if a rule has been met, and how the data should be altered given that a rule has been met. This backend consists of several exported functions that are called by the modified drivers any time a read or write is to be executed. These functions first check the current state of the driver and determine if a rule matching that state has been received. If a rule has been met, then the system modifies the access according to the rule's specification; otherwise it calls the original kernel function and passes the return values back. Prior to any operation being performed, the current state of the driver and any rule that has been met is logged via the serial port to the logging system listening on the other end, which saves this information in a database. This provides an easy metric for determining if rules are being evaluated properly. The rules get loaded during the PCI probe operation. At this time, modified drivers make a request out through the serial port for their rule set, which is stored within the pci_dev structure. This communication also contains information regarding the logging level, memory mappings to expect, and an assortment of other information to assist with correctly identifying states.

5.3 Rule Generation

Peach Fuzzer is the framework being used for the backend because of its highly modular design and test case generation managed through XML files referred to as Peach Pits [13].
All information regarding the test is stored in these Peach Pits, including the rules to be used, which sets of VMs are to be cycled for each test, and how long the VMs should be left running; all of this makes it remarkably easy for anyone to modify and create new rules to test emulations with. For each test, the VMs are powered on and these rules are then sent via the network to the serial ports on the VMs being tested. Monitors determine if a VM has been prematurely shut down as the result of a test, and this information is logged. Given a crash, log files are extracted from the hypervisor, as well as the last rule triggered before the crash, to assist a tester with identifying the reason for the crash. Since these tests are largely automated, the entire system was designed to be capable of being integrated inside an existing testing environment to increase the testing footprint of such tests.

6 RESULTS

This project is a DARPA-funded Cyber Fast Track Project and ended in August. Since this paper focuses on the framework developed, a comprehensive analysis of the crashes produced and the extent to which they may be exploited will not be explored. Instead, we seek to highlight a few crashes to demonstrate the success of testing modern hypervisor interfaces with the proposed method. The tool was used to test a wide range of configurations across several hypervisors. Emphasis was placed on Xen, KVM, and ESXi, as they were specifically required for the CFT, but a few others were also chosen. These configurations were tested over a two-week period, and a subset of the interesting crashes is provided below.

6.1 VMware Workstation

Using the previously mentioned methods of testing these emulations, we've identified an emulation that reliably crashes, giving an access violation error. This was found in a recent version of VMware Workstation (8.0.4 build ).

6.2 KVM

An emulation in KVM/QEMU reliably produces a double free error. This was also found using a recent version of KVM (qemu-kvm ).

6.3 ESXi 5.0

An emulation in a recent build of ESXi 5.0 produces a purple screen of death (PSOD).

7 FUTURE RESEARCH

While this project has modified over a dozen commonly used device drivers, this is a small fraction of the drivers controlling potential emulated devices or interfaces between the VM and hypervisor. The clearest method of extending this testing tool is to increase the number of drivers included in the package by focusing on the less commonly used emulations, as they will most likely have had less testing and may be more vulnerable to such types of attacks.
Support for finer resolution rules can allow testers to more quickly determine vulnerable components with a higher level of certainty. For instance, limiting the range of addresses to alter to only control addresses, and the values to write to known sets of control codes, can allow for more intelligent testing. By increasing the granularity of these rules, the system could benefit greatly from an analysis engine that would refine the rules sent to the device, homing in on more specific sub-rules given a crash.
The project lacked a strong method of altering data sent through DMA because of the nature of this access. However, identifying the structure of the data and altering it prior to it being sent to the emulation (such as making alterations to network data at the netdev level instead of the driver level) would provide the ability to test how the virtualization layer is able to parse these structures, a task that is currently a non-trivial process with the current version of the tool.

8 REFERENCES

[1] Goldberg, I., D. Wagner, R. Thomas, and E. Brewer. A Secure Environment for Untrusted Helper Applications. USENIX Security Symposium.
[2] Gosling, J. Java: An Overview. Retrieved June, 2012 from rences/originaljavawhitepaper.pdf
[3] VMware Staff. Virtualization Overview. White Paper. Retrieved June, 2012.
[4] Ormandy, T. An Empirical Study into the Security Exposure to Hosts of Hostile Virtualized Environments. Retrieved June, 2012.
[5] Immunity, Inc. Cloudburst. Black Hat USA, June. Retrieved June, 2012 from 09/KORTCHINSKY/BHUSA09-Kortchinsky-Cloudburst-PAPER.pdf
[6] Elhage, N. Virtunoid: Breaking out of KVM. August 8, Defcon. Retrieved June, 2012.
[7] Gruskovnjak, Jordan. VUPEN Vulnerability Research Team (VRT) Blog. Retrieved September, 2012 from Advanced_Exploitation_of_Xen_Sysret_VM_Escape_CVE php
[8] Kamalesh, B., S. Balbir. Keeping the Linux Kernel Honest. In Proceedings of the Linux Symposium, pages 19-20.
[9] Kaisler, S., W. H. Money, S. J. Cohen. A Decision Framework for Cloud Computing. Hawaii International Conference on System Sciences.
[10] Carrette, G. Crashme: Random Input Testing. Retrieved June, 2012.
[11] Opdenacker, M. Linux PCI Drivers. Retrieved June, 2012.
[12] Lineberry, A. Malicious Code Injection via /dev/mem. March 27, Black Hat Europe. Retrieved June, 2012 from 09/Lineberry/BlackHat-Europe-2009-Lineberrycode-injection-via-dev-mem.pdf
[13] Eddington, M. Peach Fuzzing Platform.
More informationMigration and Building of Data Centers in IBM SoftLayer with the RackWare Management Module
Migration and Building of Data Centers in IBM SoftLayer with the RackWare Management Module June, 2015 WHITE PAPER Contents Advantages of IBM SoftLayer and RackWare Together... 4 Relationship between
More informationSecuring Your Cloud with Xen Project s Advanced Security Features
Securing Your Cloud with Xen Project s Advanced Security Features Russell Pavlicek, Xen Project Evangelist CloudOpen North America 2013 Who is the Old, Fat Geek Up Front? Xen Project Evangelist Employed
More informationI/O Virtualization Using Mellanox InfiniBand And Channel I/O Virtualization (CIOV) Technology
I/O Virtualization Using Mellanox InfiniBand And Channel I/O Virtualization (CIOV) Technology Reduce I/O cost and power by 40 50% Reduce I/O real estate needs in blade servers through consolidation Maintain
More informationWhite Paper The Dynamic Nature of Virtualization Security
White Paper The Dynamic Nature of Virtualization Security The need for real-time vulnerability management and risk assessment Introduction Virtualization is radically shifting how enterprises deploy, deliver,
More informationDynamic Load Balancing of Virtual Machines using QEMU-KVM
Dynamic Load Balancing of Virtual Machines using QEMU-KVM Akshay Chandak Krishnakant Jaju Technology, College of Engineering, Pune. Maharashtra, India. Akshay Kanfade Pushkar Lohiya Technology, College
More informationKVM: A Hypervisor for All Seasons. Avi Kivity avi@qumranet.com
KVM: A Hypervisor for All Seasons Avi Kivity avi@qumranet.com November 2007 Virtualization Simulation of computer system in software Components Processor: register state, instructions, exceptions Memory
More informationThe Incremental Advantage:
The Incremental Advantage: MIGRATE TRADITIONAL APPLICATIONS FROM YOUR ON-PREMISES VMWARE ENVIRONMENT TO THE HYBRID CLOUD IN FIVE STEPS CONTENTS Introduction..................... 2 Five Steps to the Hybrid
More informationZEN LOAD BALANCER EE v3.04 DATASHEET The Load Balancing made easy
ZEN LOAD BALANCER EE v3.04 DATASHEET The Load Balancing made easy OVERVIEW The global communication and the continuous growth of services provided through the Internet or local infrastructure require to
More informationThe Review of Virtualization in an Isolated Computer Environment
The Review of Virtualization in an Isolated Computer Environment Sunanda Assistant professor, Department of Computer Science & Engineering, Ludhiana College of Engineering & Technology, Ludhiana, Punjab,
More informationInstalling & Using KVM with Virtual Machine Manager COSC 495
Installing & Using KVM with Virtual Machine Manager COSC 495 1 Abstract:. There are many different hypervisors and virtualization software available for use. One commonly use hypervisor in the Linux system
More informationPERFORMANCE ANALYSIS OF KERNEL-BASED VIRTUAL MACHINE
PERFORMANCE ANALYSIS OF KERNEL-BASED VIRTUAL MACHINE Sudha M 1, Harish G M 2, Nandan A 3, Usha J 4 1 Department of MCA, R V College of Engineering, Bangalore : 560059, India sudha.mooki@gmail.com 2 Department
More informationSecuring Industrial Control Systems on a Virtual Platform
Securing Industrial Control Systems on a Virtual Platform How to Best Protect the Vital Virtual Business Assets WHITE PAPER Sajid Nazir and Mark Lazarides sajid.nazir@firstco.uk.com 9 Feb, 2016 mark.lazarides@firstco.uk.com
More informationChapter 14 Virtual Machines
Operating Systems: Internals and Design Principles Chapter 14 Virtual Machines Eighth Edition By William Stallings Virtual Machines (VM) Virtualization technology enables a single PC or server to simultaneously
More informationLearn the Essentials of Virtualization Security
Learn the Essentials of Virtualization Security by Dave Shackleford by Dave Shackleford This paper is the first in a series about the essential security issues arising from virtualization and the adoption
More informationCS 356 Lecture 25 and 26 Operating System Security. Spring 2013
CS 356 Lecture 25 and 26 Operating System Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control
More informationClouds, Virtualization and Security or Look Out Below
Clouds, Virtualization and Security or Look Out Below Lee Badger Hardware Virtualization (Box View) 1 2 dom0 HW type 1 Para-virtualization I/O Host HW type 2 dom0 HW type 1 Full virtualization I/O Host
More informationVirtualization Technologies
12 January 2010 Virtualization Technologies Alex Landau (lalex@il.ibm.com) IBM Haifa Research Lab What is virtualization? Virtualization is way to run multiple operating systems and user applications on
More informationNetwork Access Control in Virtual Environments. Technical Note
Contents Security Considerations in.... 3 Addressing Virtualization Security Challenges using NAC and Endpoint Compliance... 3 Visibility and Profiling of VMs.... 4 Identification of Rogue or Unapproved
More information2) Xen Hypervisor 3) UEC
5. Implementation Implementation of the trust model requires first preparing a test bed. It is a cloud computing environment that is required as the first step towards the implementation. Various tools
More informationGUEST OPERATING SYSTEM BASED PERFORMANCE COMPARISON OF VMWARE AND XEN HYPERVISOR
GUEST OPERATING SYSTEM BASED PERFORMANCE COMPARISON OF VMWARE AND XEN HYPERVISOR ANKIT KUMAR, SAVITA SHIWANI 1 M. Tech Scholar, Software Engineering, Suresh Gyan Vihar University, Rajasthan, India, Email:
More informationLearn the essentials of virtualization security
Learn the essentials of virtualization security White Paper Table of Contents 3 Introduction 4 Hypervisor connectivity and risks 4 Multi-tenancy risks 5 Management and operational network risks 5 Storage
More informationRED HAT ENTERPRISE VIRTUALIZATION
Giuseppe Paterno' Solution Architect Jan 2010 Red Hat Milestones October 1994 Red Hat Linux June 2004 Red Hat Global File System August 2005 Red Hat Certificate System & Dir. Server April 2006 JBoss April
More informationRCL: Software Prototype
Business Continuity as a Service ICT FP7-609828 RCL: Software Prototype D3.2.1 June 2014 Document Information Scheduled delivery 30.06.2014 Actual delivery 30.06.2014 Version 1.0 Responsible Partner IBM
More informationHow To Make A Virtual Machine Aware Of A Network On A Physical Server
VMready Virtual Machine-Aware Networking White Paper Table of Contents Executive Summary... 2 Current Server Virtualization Environments... 3 Hypervisors... 3 Virtual Switches... 3 Leading Server Virtualization
More informationSecurity Overview of the Integrity Virtual Machines Architecture
Security Overview of the Integrity Virtual Machines Architecture Introduction... 2 Integrity Virtual Machines Architecture... 2 Virtual Machine Host System... 2 Virtual Machine Control... 2 Scheduling
More informationAdvanced File Integrity Monitoring for IT Security, Integrity and Compliance: What you need to know
Whitepaper Advanced File Integrity Monitoring for IT Security, Integrity and Compliance: What you need to know Phone (0) 161 914 7798 www.distology.com info@distology.com detecting the unknown Integrity
More informationEnd to End Defense against Rootkits in Cloud Environment. Design- Part 2
End to End Defense against Rootkits in Cloud Environment Design- Part 2 Sachin Shetty Associate Professor Electrical and Computer Engineering Director, Cybersecurity Laboratory Tennessee State University
More informationFirewalls Overview and Best Practices. White Paper
Firewalls Overview and Best Practices White Paper Copyright Decipher Information Systems, 2005. All rights reserved. The information in this publication is furnished for information use only, does not
More informationFINAL DoIT 04.01.2013- v.8 APPLICATION SECURITY PROCEDURE
Purpose: This procedure identifies what is required to ensure the development of a secure application. Procedure: The five basic areas covered by this document include: Standards for Privacy and Security
More informationKVM Security Comparison
atsec information security corporation 9130 Jollyville Road, Suite 260 Austin, TX 78759 Tel: 512-349-7525 Fax: 512-349-7933 www.atsec.com KVM Security Comparison a t s e c i n f o r m a t i o n s e c u
More informationHow To Protect A Virtual Desktop From Attack
Endpoint Security: Become Aware of Virtual Desktop Infrastructures! An Ogren Group Special Report May 2011 Executive Summary Virtual desktops infrastructures, VDI, present IT with the unique opportunity
More informationStephen Coty Director, Threat Research
Emerging threats facing Cloud Computing Stephen Coty Director, Threat Research Cloud Environments 101 Cloud Adoption is Gaining Momentum Cloud market revenue will increase at a 36% annual rate Analyst
More informationWill Dormann: Sure. Fuzz testing is a way of testing an application in a way that you want to actually break the program.
The Power of Fuzz Testing to Reduce Security Vulnerabilities Transcript Part 1: Why Fuzz Testing? Julia Allen: Welcome to CERT's podcast series: Security for Business Leaders. The CERT program is part
More informationWindows Server 2008 R2 Hyper-V Live Migration
Windows Server 2008 R2 Hyper-V Live Migration Table of Contents Overview of Windows Server 2008 R2 Hyper-V Features... 3 Dynamic VM storage... 3 Enhanced Processor Support... 3 Enhanced Networking Support...
More informationFIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 4 Finding Network Vulnerabilities
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 4 Finding Network Vulnerabilities Learning Objectives Name the common categories of vulnerabilities Discuss common system
More informationSolution Guide Parallels Virtualization for Linux
Solution Guide Parallels Virtualization for Linux Overview Created in 1991, Linux was designed to be UNIX-compatible software that was composed entirely of open source or free software components. Linux
More informationTrend Micro. Advanced Security Built for the Cloud
datasheet Trend Micro deep security as a service Advanced Security Built for the Cloud Organizations are embracing the economic and operational benefits of cloud computing, turning to leading cloud providers
More informationZEN LOAD BALANCER EE v3.02 DATASHEET The Load Balancing made easy
ZEN LOAD BALANCER EE v3.02 DATASHEET The Load Balancing made easy OVERVIEW The global communication and the continuous growth of services provided through the Internet or local infrastructure require to
More informationLecture 2 Cloud Computing & Virtualization. Cloud Application Development (SE808, School of Software, Sun Yat-Sen University) Yabo (Arber) Xu
Lecture 2 Cloud Computing & Virtualization Cloud Application Development (SE808, School of Software, Sun Yat-Sen University) Yabo (Arber) Xu Outline Introduction to Virtualization The Major Approaches
More informationMore Efficient Virtualization Management: Templates
White Paper More Efficient Virtualization Management: Templates Learn more at www.swsoft.com/virtuozzo Published: November 2006 Revised: November 2006 Table of Contents Table of Contents... 2 OS, Middleware
More informationVMWARE Introduction ESX Server Architecture and the design of Virtual Machines
Introduction........................................................................................ 2 ESX Server Architecture and the design of Virtual Machines........................................
More informationILLUMIO ADAPTIVE SECURITY PLATFORM TM
ILLUMIO ADAPTIVE SECURITY PLATFORM TM HIGHLIGHTS Security with Intelligence Illumio ASP is powered by the breakthrough PCE. The PCE contextualizes all traffic flows, services, and processes on application
More informationEnterprise-Class Virtualization with Open Source Technologies
Enterprise-Class Virtualization with Open Source Technologies Alex Vasilevsky CTO & Founder Virtual Iron Software June 14, 2006 Virtualization Overview Traditional x86 Architecture Each server runs single
More informationIDSaaS: Intrusion Detection System as a Service in Public Clouds
IDSaaS: Intrusion Detection System as a Service in Public Clouds Turki Alharkan School of Computing Queen's University Kingston, ON Canada alharkan@cs.queensu.ca Patrick Martin School of Computing Queen's
More informationDeveloping tests for the KVM autotest framework
Lucas Meneghel Rodrigues lmr@redhat.com KVM Forum 2010 August 9, 2010 1 Automated testing Autotest The wonders of virtualization testing 2 How KVM autotest solves the original problem? Features Test structure
More informationUNCLASSIFIED Version 1.0 May 2012
Secure By Default: Platforms Computing platforms contain vulnerabilities that can be exploited for malicious purposes. Often exploitation does not require a high degree of expertise, as tools and advice
More informationNetwork Virtualization Platform (NVP) Incident Reports
Network Virtualization Platform (NVP) s ORD Service Interruption During Scheduled Maintenance June 20th, 2013 Time of Incident: 03:45 CDT While performing a scheduled upgrade on the Software Defined Networking
More informationProtecting Your Organisation from Targeted Cyber Intrusion
Protecting Your Organisation from Targeted Cyber Intrusion How the 35 mitigations against targeted cyber intrusion published by Defence Signals Directorate can be implemented on the Microsoft technology
More informationTECHNOLOGYBRIEF. The Impact of Virtualization on Network Security. Discover. Determine. Defend.
The Impact of Virtualization on Network Security Discover. Determine. Defend. EXECUTIVE SUMMARY Virtualization is a concept that has become highly visible in the last few years because of its perceived
More informationRed Hat enterprise virtualization 3.0 feature comparison
Red Hat enterprise virtualization 3.0 feature comparison at a glance Red Hat Enterprise is the first fully open source, enterprise ready virtualization platform Compare the functionality of RHEV to VMware
More informationNested Virtualization
Nested Virtualization Dongxiao Xu, Xiantao Zhang, Yang Zhang May 9, 2013 Agenda Nested Virtualization Overview Dive into Nested Virtualization Details Nested CPU Virtualization Nested MMU Virtualization
More informationHost/Platform Security. Module 11
Host/Platform Security Module 11 Why is Host/Platform Security Necessary? Firewalls are not enough All access paths to host may not be firewall protected Permitted traffic may be malicious Outbound traffic
More informationSUSE Linux Enterprise 10 SP2: Virtualization Technology Support
Technical White Paper LINUX OPERATING SYSTEMS www.novell.com SUSE Linux Enterprise 10 SP2: Virtualization Technology Support Content and modifications. The contents of this document are not part of the
More informationKVM on S390x. Revolutionizing the Mainframe
KVM on S390x Revolutionizing the Mainframe Audience In depth technology High level overview Audience In depth technology High level overview Yes, you get both! S390x? Mainframe Highly available Highly
More informationSession 9: Changing Paradigms and Challenges Tools for Space Systems Cyber Situational Awareness
Session 9: Changing Paradigms and Challenges Tools for Space Systems Cyber Situational Awareness Wayne A. Wheeler The Aerospace Corporation GSAW 2015, Los Angeles, CA, March 2015 Agenda Emerging cyber
More informationBuilding Docker Cloud Services with Virtuozzo
Building Docker Cloud Services with Virtuozzo Improving security and performance of application containers services in the cloud EXECUTIVE SUMMARY Application containers, and Docker in particular, are
More informationCOS 318: Operating Systems. Virtual Machine Monitors
COS 318: Operating Systems Virtual Machine Monitors Kai Li and Andy Bavier Computer Science Department Princeton University http://www.cs.princeton.edu/courses/archive/fall13/cos318/ Introduction u Have
More informationManagement of VMware ESXi. on HP ProLiant Servers
Management of VMware ESXi on W H I T E P A P E R Table of Contents Introduction................................................................ 3 HP Systems Insight Manager.................................................
More informationCPET 581 Cloud Computing: Technologies and Enterprise IT Strategies. Virtualization of Clusters and Data Centers
CPET 581 Cloud Computing: Technologies and Enterprise IT Strategies Lecture 4 Virtualization of Clusters and Data Centers Text Book: Distributed and Cloud Computing, by K. Hwang, G C. Fox, and J.J. Dongarra,
More informationIOS110. Virtualization 5/27/2014 1
IOS110 Virtualization 5/27/2014 1 Agenda What is Virtualization? Types of Virtualization. Advantages and Disadvantages. Virtualization software Hyper V What is Virtualization? Virtualization Refers to
More information2 Purpose. 3 Hardware enablement 4 System tools 5 General features. www.redhat.com
A Technical Introduction to Red Hat Enterprise Linux 5.4 The Enterprise LINUX Team 2 Purpose 3 Systems Enablement 3 Hardware enablement 4 System tools 5 General features 6 Virtualization 7 Conclusion www.redhat.com
More informationCPS221 Lecture: Operating System Structure; Virtual Machines
Objectives CPS221 Lecture: Operating System Structure; Virtual Machines 1. To discuss various ways of structuring the operating system proper 2. To discuss virtual machines Materials: 1. Projectable of
More informationThe Art of Virtualization with Free Software
Master on Free Software 2009/2010 {mvidal,jfcastro}@libresoft.es GSyC/Libresoft URJC April 24th, 2010 (cc) 2010. Some rights reserved. This work is licensed under a Creative Commons Attribution-Share Alike
More informationNutanix NOS 4.0 vs. Scale Computing HC3
Nutanix NOS 4.0 vs. Scale Computing HC3 HC3 Nutanix Integrated / Included Hypervisor Software! requires separate hypervisor licensing, install, configuration, support, updates Shared Storage benefits w/o
More informationWHITE PAPER. Addressing Monitoring, Access, and Control Challenges in a Virtualized Environment
WHITE PAPER Addressing Monitoring, Access, and Control Challenges in a Virtualized Environment www.ixiacom.com 915-6892-01 Rev. A, July 2014 2 Table of Contents The Challenge of the Virtual Environment...
More informationDoes your Citrix or Terminal Server environment have an Achilles heel?
CRYPTZONE WHITE PAPER Does your Citrix or Terminal Server environment have an Achilles heel? Moving away from IP-centric to role-based access controls to secure Citrix and Terminal Server user access cryptzone.com
More informationAttacking Hypervisors via Firmware and Hardware
Attacking Hypervisors via Firmware and Hardware Mikhail Gorobets, Oleksandr Bazhaniuk, Alex Matrosov, Andrew Furtak, Yuriy Bulygin Advanced Threat Research Agenda Hypervisor based isolation Firmware rootkit
More informationILLUMIO ADAPTIVE SECURITY PLATFORM TM
ILLUMIO ADAPTIVE SECURITY PLATFORM TM HIGHLIGHTS Security with Intelligence Illumio ASP is powered by the breakthrough PCE. The PCE contextualizes all traffic flows, services, and processes on application
More informationWeek Overview. Installing Linux Linux on your Desktop Virtualization Basic Linux system administration
ULI101 Week 06b Week Overview Installing Linux Linux on your Desktop Virtualization Basic Linux system administration Installing Linux Standalone installation Linux is the only OS on the computer Any existing
More informationWhat s new in Hyper-V 2012 R2
What s new in Hyper-V 2012 R2 Carsten Rachfahl MVP Virtual Machine Rachfahl IT-Solutions GmbH & Co KG www.hyper-v-server.de Thomas Maurer Cloud Architect & MVP itnetx gmbh www.thomasmaurer.ch Before Windows
More informationCIT 668: System Architecture
CIT 668: System Architecture Cloud Security Topics 1. The Same Old Security Problems 2. Virtualization Security 3. New Security Issues and Threat Model 4. Data Security 5. Amazon Cloud Security Data Loss
More informationDeveloping a dynamic, real-time IT infrastructure with Red Hat integrated virtualization
Developing a dynamic, real-time IT infrastructure with Red Hat integrated virtualization www.redhat.com Table of contents Introduction Page 3 Benefits of virtualization Page 3 Virtualization challenges
More informationUnmasking Virtualization Security. Eric A. Hibbard, CISSP, CISA Hitachi Data Systems
Eric A. Hibbard, CISSP, CISA Hitachi Data Systems SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA unless otherwise noted. Member companies and individual members may
More informationApplication Code Development Standards
Application Code Development Standards Overview This document is intended to provide guidance to campus system owners and software developers regarding secure software engineering practices. These standards
More informationREAL-TIME WEB APPLICATION PROTECTION. AWF SERIES DATASHEET WEB APPLICATION FIREWALL
REAL-TIME WEB APPLICATION PROTECTION. AWF SERIES DATASHEET WEB APPLICATION FIREWALL AWF Series Web application firewalls provide industry-leading Web application attack protection, ensuring continuity
More informationNetworking for Caribbean Development
Networking for Caribbean Development BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n o g. o r g Virtualization: Architectural Considerations and Implementation Options Virtualization Virtualization is the
More informationA Framework for Security Context Migration in a Firewall Secured Virtual Machine Environment
A Framework for Security Context Migration in a Firewall Secured Virtual Machine Environment Zahra Tavakoli, Sebastian Meier, and Alexander Vensmer Institute of Communication Networks and Computer Engineering
More informationSplunk for VMware Virtualization. Marco Bizzantino marco.bizzantino@kiratech.it Vmug - 05/10/2011
Splunk for VMware Virtualization Marco Bizzantino marco.bizzantino@kiratech.it Vmug - 05/10/2011 Collect, index, organize, correlate to gain visibility to all IT data Using Splunk you can identify problems,
More informationVirtualization. Jukka K. Nurminen 23.9.2015
Virtualization Jukka K. Nurminen 23.9.2015 Virtualization Virtualization refers to the act of creating a virtual (rather than actual) version of something, including virtual computer hardware platforms,
More informationHow to Secure Infrastructure Clouds with Trusted Computing Technologies
How to Secure Infrastructure Clouds with Trusted Computing Technologies Nicolae Paladi Swedish Institute of Computer Science 2 Contents 1. Infrastructure-as-a-Service 2. Security challenges of IaaS 3.
More information