Machine Virtualization: Efficient Hypervisors, Stealthy Malware
Size: px
Start display at page:

Download "Machine Virtualization: Efficient Hypervisors, Stealthy Malware"

Transcription

1 Machine Virtualization: Efficient Hypervisors, Stealthy Malware Muli Ben-Yehuda Technion & Hypervisor Technologies and Consulting Ltd Muli Ben-Yehuda (Technion & Hypervisor) Efficient Hypervisors, Stealthy Malware Cyberday, / 21

2 Background: x86 machine virtualization Running multiple different unmodified operating systems Each in an isolated virtual machine Simultaneously On the x86 architecture Many uses: live migration, record & replay, testing,..., security Foundation of IaaS cloud computing Used nearly everywhere Muli Ben-Yehuda (Technion & Hypervisor) Efficient Hypervisors, Stealthy Malware Cyberday, / 21

3 x86 virtualization primer How does it work? Popek and Goldberg s virtualization model [Popek74]: Trap and emulate Privileged instructions trap to the hypervisor Hypervisor emulates their behavior Without hardware support With hardware support Muli Ben-Yehuda (Technion & Hypervisor) Efficient Hypervisors, Stealthy Malware Cyberday, / 21

4 What is a rootkit? First you take control. How? Then you hide to avoid detection and maintain control. How? Usual methods are ugly and intrusive: easy to detect! Can rootkit authors do better? Muli Ben-Yehuda (Technion & Hypervisor) Efficient Hypervisors, Stealthy Malware Cyberday, / 21

5 Hypervisor-level rootkits Hypervisors have full control over the hardware Hypervisors can trap any operating system event Code can enter hypervisor-mode at any time Bluepill: run the rootkit as the hypervisor Muli Ben-Yehuda (Technion & Hypervisor) Efficient Hypervisors, Stealthy Malware Cyberday, / 21

6 Bluepill: a hypervisor level rootkit [Rutkowska06] Muli Ben-Yehuda (Technion & Hypervisor) Efficient Hypervisors, Stealthy Malware Cyberday, / 21

7 Recursive Bluepill Bluepill installs itself on the fly Bluepill is now the hypervisor Reminder: x86 only supports one hypervisor in hardware So how can you bluepill bluepill? Muli Ben-Yehuda (Technion & Hypervisor) Efficient Hypervisors, Stealthy Malware Cyberday, / 21

8 The Turtles project: Nested x86 Virtualization Efficient nested virtualization for Intel x86 based on KVM Runs multiple guest hypervisors and VMs The Turtles Project: Design and Implementation of Nested Virtualization, [Ben-Yehuda10] Muli Ben-Yehuda (Technion & Hypervisor) Efficient Hypervisors, Stealthy Malware Cyberday, / 21

9 What is the Turtles project? (cont ) Nested VMX virtualization for nested CPU virtualization Multi-dimensional paging for nested MMU virtualization Multi-level device assignment for nested I/O virtualization Micro-optimizations to make it go fast + Muli Ben-Yehuda (Technion & Hypervisor) + Efficient Hypervisors, Stealthy Malware = Cyberday, / 21

10 Theory of nested CPU virtualization Trap and emulate[popekgoldberg74] it s all about the traps Single-level (x86) vs. multi-level (e.g., z/vm) Single level one hypervisor, many guests Turtles approach: L 0 multiplexes the hardware between L 1 and L 2, running both as guests of L 0 without either being aware of it (Scheme generalized for n levels; Our focus is n=2) Guest L2 Guest L2 L1 Guest Hypervisor Guest Guest Hypervisor L1 Guest L2 Guest L2 Guest L0 Host Hypervisor L0 Host Hypervisor Hardware Hardware Multiple logical levels Multiplexed on a single level Muli Ben-Yehuda (Technion & Hypervisor) Efficient Hypervisors, Stealthy Malware Cyberday, / 21

11 Detecting hypervisor-based rootkits Bluepill authors claim undetectable Compatibility is Not Transparency: VMM Detection Myths and Realities [Garfinkel07] Hardware discrepancies Resource-sharing attacks Timing attacks: PCI register access, page-faults on MMIO access, cpuid timing vs. nops Can you trust time? Muli Ben-Yehuda (Technion & Hypervisor) Efficient Hypervisors, Stealthy Malware Cyberday, / 21

12 The Dual Role of a Hypervisor Muli Ben-Yehuda (Technion & Hypervisor) Efficient Hypervisors, Stealthy Malware Cyberday, / 21

13 Background: interrupts IDTR IDT IDT Entry Address IDT Entry Vector 1 Vector 2 Limit IDT Register IDT Entry Interrupt Descriptor Table Vector n Interrupt handlers I/O devices raise interrupts CPU temporarily stops the currently executing code CPU jumps to a pre-specified interrupt handler Muli Ben-Yehuda (Technion & Hypervisor) Efficient Hypervisors, Stealthy Malware Cyberday, / 21

14 Interrupts as an Attack Vector Follow the White Rabbit [Rutkowska11] Tell the device to generate interesting interrupts Attack: fool the CPU into SIPI Attack: syscall/hypercall injection In interrupt-based attacks an untrusted guest generates malicious interrupts which are handled in host mode Protect: handle interrupts in guest not host mode Serve: bare-metal performance! Muli Ben-Yehuda (Technion & Hypervisor) Efficient Hypervisors, Stealthy Malware Cyberday, / 21

15 ELI: Exitless Interrupts guest (a) Baseline Physical Interrupt Interrupt Injection Interrupt Completion hypervisor ELI (b) delivery Interrupt Completion guest hypervisor ELI delivery & (c) completion guest hypervisor (d) bare-metal (time) ELI: direct interrupts for unmodified, untrusted guests ELI: Bare-Metal Performance for I/O Virtualization, Gordon12 Muli Ben-Yehuda (Technion & Hypervisor) Efficient Hypervisors, Stealthy Malware Cyberday, / 21

16 ELI: delivery Shadow IDT Guest IDT Interrupt Handler IDTR Limit IDT Entry IDT Entry P=0 P=1 #NP Handler Assigned Interrupt Shadow IDT ELI Delivery VM Non-assigned Interrupt (#NP/#GP exit) IDT Entry P=0 #NP Hypervisor IDT Entry #GP Physical Interrupt All interrupts are delivered directly to the guest Host and other guests interrupts are bounced back to the host... without the guest being aware of it Muli Ben-Yehuda (Technion & Hypervisor) Efficient Hypervisors, Stealthy Malware Cyberday, / 21

17 ELI: signaling completion Guests signal interrupt completions by writing to the Local Advance Programmable Interrupt Controller (LAPIC) End-of-Interrupt (EOI) register Old LAPIC: hypervisor traps load/stores to LAPIC page x2apic: hypervisor can trap specific registers Signaling completion without trapping requires x2apic ELI gives the guest direct access only to the EOI register Muli Ben-Yehuda (Technion & Hypervisor) Efficient Hypervisors, Stealthy Malware Cyberday, / 21

18 ELI: threat model Threats: malicious guests might try to: keep interrupts disabled signal invalid completions consume other guests or host interrupts Muli Ben-Yehuda (Technion & Hypervisor) Efficient Hypervisors, Stealthy Malware Cyberday, / 21

19 ELI: protection VMX preemption timer to force exits instead of timer interrupts Ignore spurious EOIs Protect critical interrupts by: Delivering them to a non-eli core if available Redirecting them as NMIs unconditional exit Use IDTR limit to force #GP exits on critical interrupts Muli Ben-Yehuda (Technion & Hypervisor) Efficient Hypervisors, Stealthy Malware Cyberday, / 21

20 Conclusions Machine virtualization be used for good, or evil How do you protect and serve? Happy hacking! Muli Ben-Yehuda (Technion & Hypervisor) Efficient Hypervisors, Stealthy Malware Cyberday, / 21

21 Questions? Muli Ben-Yehuda (Technion & Hypervisor) Efficient Hypervisors, Stealthy Malware Cyberday, / 21

Similar documents

Bare-Metal Performance for x86 Virtualization

Bare-Metal Performance for x86 Virtualization Bare-Metal Performance for x86 Virtualization Muli Ben-Yehuda Technion & IBM Research Muli Ben-Yehuda (Technion & IBM Research) Bare-Metal Perf. for x86 Virtualization Intel, Haifa, 2012 1 / 49 Background:

More information

ELI: Bare-Metal Performance for I/O Virtualization

ELI: Bare-Metal Performance for I/O Virtualization ELI: Bare-Metal Performance for I/O Virtualization Abel Gordon Nadav Amit Nadav Har El Muli Ben-Yehuda, Alex Landau Assaf Schuster Dan Tsafrir IBM Research Haifa Technion Israel Institute of Technology

More information

ELI: Bare-Metal Performance for I/O Virtualization

ELI: Bare-Metal Performance for I/O Virtualization ELI: Bare-Metal Performance for I/O Virtualization Abel Gordon Nadav Amit Nadav Har El Muli Ben-Yehuda, Alex Landau Assaf Schuster Dan Tsafrir IBM Research Haifa Technion Israel Institute of Technology

More information

A Hypervisor IPS based on Hardware assisted Virtualization Technology

A Hypervisor IPS based on Hardware assisted Virtualization Technology A Hypervisor IPS based on Hardware assisted Virtualization Technology 1. Introduction Junichi Murakami (murakami@fourteenforty.jp) Fourteenforty Research Institute, Inc. Recently malware has become more

More information

Networked I/O for Virtual Machines

Networked I/O for Virtual Machines Networked I/O for Virtual Machines Approaches and Challenges Muli Ben-Yehuda, Ben-Ami Yassour, Orit Wasserman {muli,benami,oritw}@il.ibm.com IBM Haifa Research Lab Networked I/O for Virtual Machines p.

More information

ELI: Bare-Metal Performance for I/O Virtualization

ELI: Bare-Metal Performance for I/O Virtualization : Bare-Metal Performance for I/O Virtualization Abel Gordon 1 Nadav Amit 2 Nadav Har El 1 Muli Ben-Yehuda 21 Alex Landau 1 Assaf Schuster 2 Dan Tsafrir 2 1 IBM Research Haifa 2 Technion Israel Institute

More information

Intel s Virtualization Extensions (VT-x) So you want to build a hypervisor?

Intel s Virtualization Extensions (VT-x) So you want to build a hypervisor? Intel s Virtualization Extensions (VT-x) So you want to build a hypervisor? Mr. Jacob Torrey February 26, 2014 Dartmouth College 153 Brooks Road, Rome, NY 315.336.3306 http://ainfosec.com @JacobTorrey

More information

Nested Virtualization

Nested Virtualization Nested Virtualization Dongxiao Xu, Xiantao Zhang, Yang Zhang May 9, 2013 Agenda Nested Virtualization Overview Dive into Nested Virtualization Details Nested CPU Virtualization Nested MMU Virtualization

More information

Distributed Systems. Virtualization. Paul Krzyzanowski pxk@cs.rutgers.edu

Distributed Systems. Virtualization. Paul Krzyzanowski pxk@cs.rutgers.edu Distributed Systems Virtualization Paul Krzyzanowski pxk@cs.rutgers.edu Except as otherwise noted, the content of this presentation is licensed under the Creative Commons Attribution 2.5 License. Virtualization

More information

The Turtles Project: Design and Implementation of Nested Virtualization

The Turtles Project: Design and Implementation of Nested Virtualization The Turtles Project: Design and Implementation of Nested Virtualization Muli Ben-Yehuda Michael D. Day Zvi Dubitzky Michael Factor Nadav Har El muli@il.ibm.com mdday@us.ibm.com dubi@il.ibm.com factor@il.ibm.com

More information

Virtualization. Pradipta De pradipta.de@sunykorea.ac.kr

Virtualization. Pradipta De pradipta.de@sunykorea.ac.kr Virtualization Pradipta De pradipta.de@sunykorea.ac.kr Today s Topic Virtualization Basics System Virtualization Techniques CSE506: Ext Filesystem 2 Virtualization? A virtual machine (VM) is an emulation

More information

matasano Hardware Virtualization Rootkits Dino A. Dai Zovi

matasano Hardware Virtualization Rootkits Dino A. Dai Zovi Hardware Virtualization Rootkits Dino A. Dai Zovi Agenda Introductions Virtualization (Software and Hardware) Intel VT-x (aka Vanderpool ) VM Rootkits Implementing a VT-x based Rootkit Detecting Hardware-VM

More information

COS 318: Operating Systems. Virtual Machine Monitors

COS 318: Operating Systems. Virtual Machine Monitors COS 318: Operating Systems Virtual Machine Monitors Kai Li and Andy Bavier Computer Science Department Princeton University http://www.cs.princeton.edu/courses/archive/fall13/cos318/ Introduction u Have

More information

Uses for Virtual Machines. Virtual Machines. There are several uses for virtual machines:

Uses for Virtual Machines. Virtual Machines. There are several uses for virtual machines: Virtual Machines Uses for Virtual Machines Virtual machine technology, often just called virtualization, makes one computer behave as several computers by sharing the resources of a single computer between

More information

Cloud Computing #6 - Virtualization

Cloud Computing #6 - Virtualization Cloud Computing #6 - Virtualization Main source: Smith & Nair, Virtual Machines, Morgan Kaufmann, 2005 Today What do we mean by virtualization? Why is it important to cloud? What is the penalty? Current

More information

Full and Para Virtualization

Full and Para Virtualization Full and Para Virtualization Dr. Sanjay P. Ahuja, Ph.D. 2010-14 FIS Distinguished Professor of Computer Science School of Computing, UNF x86 Hardware Virtualization The x86 architecture offers four levels

More information

Virtualization Technology. Zhiming Shen

Virtualization Technology. Zhiming Shen Virtualization Technology Zhiming Shen Virtualization: rejuvenation 1960 s: first track of virtualization Time and resource sharing on expensive mainframes IBM VM/370 Late 1970 s and early 1980 s: became

More information

Virtual Machines. COMP 3361: Operating Systems I Winter 2015 http://www.cs.du.edu/3361

Virtual Machines. COMP 3361: Operating Systems I Winter 2015 http://www.cs.du.edu/3361 s COMP 3361: Operating Systems I Winter 2015 http://www.cs.du.edu/3361 1 Virtualization! Create illusion of multiple machines on the same physical hardware! Single computer hosts multiple virtual machines

More information

Virtualization. Dr. Yingwu Zhu

Virtualization. Dr. Yingwu Zhu Virtualization Dr. Yingwu Zhu What is virtualization? Virtualization allows one computer to do the job of multiple computers. Virtual environments let one computer host multiple operating systems at the

More information

x86 Virtualization Hardware Support Pla$orm Virtualiza.on

x86 Virtualization Hardware Support Pla$orm Virtualiza.on x86 Virtualization Hardware Support Pla$orm Virtualiza.on Hide the physical characteris.cs of computer resources from the applica.ons Not a new idea: IBM s CP- 40 1967, CP/CMS, VM Full Virtualiza.on Simulate

More information

CS 695 Topics in Virtualization and Cloud Computing. More Introduction + Processor Virtualization

CS 695 Topics in Virtualization and Cloud Computing. More Introduction + Processor Virtualization CS 695 Topics in Virtualization and Cloud Computing More Introduction + Processor Virtualization (source for all images: Virtual Machines: Versatile Platforms for Systems and Processes Morgan Kaufmann;

More information

Nested Virtualization

Nested Virtualization Nested Virtualization Introduction and improvements Bandan Das Karen Noel 2 Outline Introduction When things don't work Note on AMD Speeding up Wrap-up References 3 Introduction Nested Virtualization Linux

More information

Microkernels, virtualization, exokernels. Tutorial 1 CSC469

Microkernels, virtualization, exokernels. Tutorial 1 CSC469 Microkernels, virtualization, exokernels Tutorial 1 CSC469 Monolithic kernel vs Microkernel Monolithic OS kernel Application VFS System call User mode What was the main idea? What were the problems? IPC,

More information

The Microsoft Windows Hypervisor High Level Architecture

The Microsoft Windows Hypervisor High Level Architecture The Microsoft Windows Hypervisor High Level Architecture September 21, 2007 Abstract The Microsoft Windows hypervisor brings new virtualization capabilities to the Windows Server operating system. Its

More information

Virtual Machine Security

Virtual Machine Security Virtual Machine Security CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07/ 1 Operating System Quandary Q: What is the primary goal

More information

Virtualization Detection: New Strategies and Their Effectiveness

Virtualization Detection: New Strategies and Their Effectiveness Virtualization Detection: New Strategies and Their Effectiveness Christopher Thompson cthomp@cs.umn.edu Maria Huntley huntl030@umn.edu Chad Link linkx055@umn.edu ABSTRACT Previous methods for detecting

More information

Virtualization. ! Physical Hardware. ! Software. ! Isolation. ! Software Abstraction. ! Encapsulation. ! Virtualization Layer. !

Virtualization. ! Physical Hardware. ! Software. ! Isolation. ! Software Abstraction. ! Encapsulation. ! Virtualization Layer. ! Starting Point: A Physical Machine Virtualization Based on materials from: Introduction to Virtual Machines by Carl Waldspurger Understanding Intel Virtualization Technology (VT) by N. B. Sahgal and D.

More information

Introduction to Virtual Machines

Introduction to Virtual Machines Introduction to Virtual Machines Carl Waldspurger (SB SM 89, PhD 95), VMware R&D 2010 VMware Inc. All rights reserved Overview Virtualization and VMs Processor Virtualization Memory Virtualization I/O

More information

Basics in Energy Information (& Communication) Systems Virtualization / Virtual Machines

Basics in Energy Information (& Communication) Systems Virtualization / Virtual Machines Basics in Energy Information (& Communication) Systems Virtualization / Virtual Machines Dr. Johann Pohany, Virtualization Virtualization deals with extending or replacing an existing interface so as to

More information

Brian Walters. 1999. VMware Virtual Platform. Linux J. 1999, 63es, Article 6 (July 1999).

Brian Walters. 1999. VMware Virtual Platform. Linux J. 1999, 63es, Article 6 (July 1999). Implements BIOS emulation support for BHyVe: A BSD Hypervisor Abstract Current BHyVe only supports FreeBSD/amd6 as a GuestOS. One of the reason why BHyVe cannot support other OSes is lack of BIOS support.

More information

Virtualization Technologies

Virtualization Technologies 12 January 2010 Virtualization Technologies Alex Landau (lalex@il.ibm.com) IBM Haifa Research Lab What is virtualization? Virtualization is way to run multiple operating systems and user applications on

More information

Chapter 5 Cloud Resource Virtualization

Chapter 5 Cloud Resource Virtualization Chapter 5 Cloud Resource Virtualization Contents Virtualization. Layering and virtualization. Virtual machine monitor. Virtual machine. Performance and security isolation. Architectural support for virtualization.

More information

Virtual machines and operating systems

Virtual machines and operating systems V i r t u a l m a c h i n e s a n d o p e r a t i n g s y s t e m s Virtual machines and operating systems Krzysztof Lichota lichota@mimuw.edu.pl A g e n d a Virtual machines and operating systems interactions

More information

CS5460: Operating Systems. Lecture: Virtualization 2. Anton Burtsev March, 2013

CS5460: Operating Systems. Lecture: Virtualization 2. Anton Burtsev March, 2013 CS5460: Operating Systems Lecture: Virtualization 2 Anton Burtsev March, 2013 Paravirtualization: Xen Full virtualization Complete illusion of physical hardware Trap _all_ sensitive instructions Virtualized

More information

Knut Omang Ifi/Oracle 19 Oct, 2015

Knut Omang Ifi/Oracle 19 Oct, 2015 Software and hardware support for Network Virtualization Knut Omang Ifi/Oracle 19 Oct, 2015 Motivation Goal: Introduction to challenges in providing fast networking to virtual machines Prerequisites: What

More information

On the Feasibility of Software Attacks on Commodity Virtual Machine Monitors via Direct Device Assignment

On the Feasibility of Software Attacks on Commodity Virtual Machine Monitors via Direct Device Assignment On the Feasibility of Software Attacks on Commodity Virtual Machine Monitors via Direct Device Assignment Gábor Pék CrySyS Lab, BME Budapest, Hungary pek@crysys.hu Davide Balzarotti Eurecom Sophia Anitpolis,

More information

Bluepilling the Xen Hypervisor

Bluepilling the Xen Hypervisor Bluepilling the Xen Hypervisor Joanna Rutkowska & Alexander Tereshkin Invisible Things Lab Black Hat USA 2008, August 7th, Las Vegas, NV Xen 0wning Trilogy Part Three Previously on Xen 0wning Trilogy...

More information

Clouds, Virtualization and Security or Look Out Below

Clouds, Virtualization and Security or Look Out Below Clouds, Virtualization and Security or Look Out Below Lee Badger Hardware Virtualization (Box View) 1 2 dom0 HW type 1 Para-virtualization I/O Host HW type 2 dom0 HW type 1 Full virtualization I/O Host

More information

kvm: Kernel-based Virtual Machine for Linux

kvm: Kernel-based Virtual Machine for Linux kvm: Kernel-based Virtual Machine for Linux 1 Company Overview Founded 2005 A Delaware corporation Locations US Office Santa Clara, CA R&D - Netanya/Poleg Funding Expertise in enterprise infrastructure

More information

Cloud Computing. Dipl.-Wirt.-Inform. Robert Neumann

Cloud Computing. Dipl.-Wirt.-Inform. Robert Neumann Cloud Computing Dipl.-Wirt.-Inform. Robert Neumann Pre-Cloud Provisioning Provisioned IT Capacity Load Forecast IT Capacity Overbuy Underbuy Fixed Cost for Capacity Investment Hurdle Real Load Time 144

More information

Virtualization. Types of Interfaces

Virtualization. Types of Interfaces Virtualization Virtualization: extend or replace an existing interface to mimic the behavior of another system. Introduced in 1970s: run legacy software on newer mainframe hardware Handle platform diversity

More information

Cloud Architecture and Virtualisation. Lecture 4 Virtualisation

Cloud Architecture and Virtualisation. Lecture 4 Virtualisation Cloud Architecture and Virtualisation Lecture 4 Virtualisation TOC Introduction to virtualisation Layers and interfaces Virtual machines and virtual machine managers Hardware support Security 2 Virtualisation

More information

KVM: A Hypervisor for All Seasons. Avi Kivity avi@qumranet.com

KVM: A Hypervisor for All Seasons. Avi Kivity avi@qumranet.com KVM: A Hypervisor for All Seasons Avi Kivity avi@qumranet.com November 2007 Virtualization Simulation of computer system in software Components Processor: register state, instructions, exceptions Memory

More information

Kernel Virtual Machine

Kernel Virtual Machine Kernel Virtual Machine Shashank Rachamalla Indian Institute of Technology Dept. of Computer Science November 24, 2011 Abstract KVM(Kernel-based Virtual Machine) is a full virtualization solution for x86

More information

Compromise-as-a-Service

Compromise-as-a-Service ERNW GmbH Carl-Bosch-Str. 4 D-69115 Heidelberg 3/31/14 Compromise-as-a-Service Our PleAZURE Felix Wilhelm & Matthias Luft {fwilhelm, mluft}@ernw.de ERNW GmbH Carl-Bosch-Str. 4 D-69115 Heidelberg Agenda

More information

MOS - VIRTUALIZATION. Tobias Stumpf WS 2014/15

MOS - VIRTUALIZATION. Tobias Stumpf WS 2014/15 MOS - VIRTUALIZATION Tobias Stumpf WS 2014/15 Goals Give you an overview about: virtualization and virtual machines in general, hardware virtualization on x86, our research regarding virtualization. We

More information

Cloud^H^H^H^H^H Virtualization Technology. Andrew Jones (drjones@redhat.com) May 2011

Cloud^H^H^H^H^H Virtualization Technology. Andrew Jones (drjones@redhat.com) May 2011 Cloud^H^H^H^H^H Virtualization Technology Andrew Jones (drjones@redhat.com) May 2011 Outline Promise to not use the word Cloud again...but still give a couple use cases for Virtualization Emulation it's

More information

Using Linux as Hypervisor with KVM

Using Linux as Hypervisor with KVM Using Linux as Hypervisor with KVM Qumranet Inc. Andrea Arcangeli andrea@qumranet.com (some slides from Avi Kivity) CERN - Geneve 15 Sep 2008 Agenda Overview/feature list KVM design vs other virtualization

More information

Exploiting the x86 Architecture to Derive Virtual Machine State Information

Exploiting the x86 Architecture to Derive Virtual Machine State Information 2010 Fourth International Conference on Emerging Security Information, Systems and Technologies Exploiting the x86 Architecture to Derive Virtual Machine State Information Jonas Pfoh, Christian Schneider,

More information

Hypervisors and Virtual Machines

Hypervisors and Virtual Machines Hypervisors and Virtual Machines Implementation Insights on the x86 Architecture DON REVELLE Don is a performance engineer and Linux systems/kernel programmer, specializing in high-volume UNIX, Web, virtualization,

More information

Virtual Machine Monitors. Dr. Marc E. Fiuczynski Research Scholar Princeton University

Virtual Machine Monitors. Dr. Marc E. Fiuczynski Research Scholar Princeton University Virtual Machine Monitors Dr. Marc E. Fiuczynski Research Scholar Princeton University Introduction Have been around since 1960 s on mainframes used for multitasking Good example VM/370 Have resurfaced

More information

Hypervisor-Based, Hardware-Assisted System Monitoring

Hypervisor-Based, Hardware-Assisted System Monitoring Horst Görtz Institute for IT-Security, Chair for System Security VMRay GmbH Hypervisor-Based, Hardware-Assisted System Monitoring VB2013 October 2-4, 2013 Berlin Carsten Willems, Ralf Hund, Thorsten Holz

More information

Survey On Hypervisors

Survey On Hypervisors Survey On Hypervisors Naveed Alam School Of Informatics and Computing Indiana University Bloomington nalam@indiana.edu ABSTRACT Virtual machines are increasing in popularity and are being widely adopted.

More information

Attacking Hypervisors via Firmware and Hardware

Attacking Hypervisors via Firmware and Hardware Attacking Hypervisors via Firmware and Hardware Alex Matrosov (@matrosov), Mikhail Gorobets, Oleksandr Bazhaniuk (@ABazhaniuk), Andrew Furtak, Yuriy Bulygin (@c7zero) Advanced Threat Research Agenda Hypervisor

More information

Beyond the Hypervisor

Beyond the Hypervisor Beyond the Hypervisor A Technical Roadmap for Open Virtualization, Linux, KVM Mike Day Distinguished Engineer, Chief Virtualization Architect, Open Systems Development Saturday, February 22, 2014 1 mdday@us.ibm.com

More information

Cloud Computing CS 15-319

Cloud Computing CS 15-319 Cloud Computing CS 15-319 Virtualization Case Studies : Xen and VMware Lecture 20 Majd F. Sakr, Mohammad Hammoud and Suhail Rehman 1 Today Last session Resource Virtualization Today s session Virtualization

More information

Virtualization in Linux KVM + QEMU

Virtualization in Linux KVM + QEMU CS695 Topics in Virtualization and Cloud Computing KVM + QEMU Senthil, Puru, Prateek and Shashank 1 Topics covered KVM and QEMU Architecture VTx support CPU virtualization in KMV Memory virtualization

More information

Detection of virtual machine monitor corruptions

Detection of virtual machine monitor corruptions Detection of virtual machine monitor corruptions Benoît Morgan, Eric Alata, Vincent Nicomette LAAS-CNRS - Dependable Computing and Fault Tolerance (TSF) Team Journée SEC 2 - June 30th, 2015 Detection of

More information

Virtualization. P. A. Wilsey. The text highlighted in green in these slides contain external hyperlinks. 1 / 16

Virtualization. P. A. Wilsey. The text highlighted in green in these slides contain external hyperlinks. 1 / 16 Virtualization P. A. Wilsey The text highlighted in green in these slides contain external hyperlinks. 1 / 16 Conventional System Viewed as Layers This illustration is a common presentation of the application/operating

More information

Architecture of the Kernel-based Virtual Machine (KVM)

Architecture of the Kernel-based Virtual Machine (KVM) Corporate Technology Architecture of the Kernel-based Virtual Machine (KVM) Jan Kiszka, Siemens AG, CT T DE IT 1 Corporate Competence Center Embedded Linux jan.kiszka@siemens.com Copyright Siemens AG 2010.

More information

KVM on S390x. Revolutionizing the Mainframe

KVM on S390x. Revolutionizing the Mainframe KVM on S390x Revolutionizing the Mainframe Audience In depth technology High level overview Audience In depth technology High level overview Yes, you get both! S390x? Mainframe Highly available Highly

More information

Toward Exitless and Efficient Paravirtual I/O

Toward Exitless and Efficient Paravirtual I/O June 2012 Toward Exitless and Efficient Paravirtual I/O IBM Research Haifa Abel Gordon, Nadav Har'El, Alex Landau, Muli Ben-Yehuda, Avishay Traeger 2009 IBM Corporation I/O virtualization models In ELI:

More information

Practical Protection of Kernel Integrity for Commodity OS from Untrusted Extensions

Practical Protection of Kernel Integrity for Commodity OS from Untrusted Extensions Practical Protection of Kernel Integrity for Commodity OS from Untrusted Extensions Xi Xiong The Pennsylvania State University xixiong@cse.psu.edu Donghai Tian The Pennsylvania State University Beijing

More information

Secure In-VM Monitoring Using Hardware Virtualization

Secure In-VM Monitoring Using Hardware Virtualization Secure In-VM Monitoring Using Hardware Virtualization Monirul Sharif Georgia Institute of Technology Atlanta, GA, USA msharif@cc.gatech.edu Wenke Lee Georgia Institute of Technology Atlanta, GA, USA wenke@cc.gatech.edu

More information

Virtualization. 2010 VMware Inc. All rights reserved

Virtualization. 2010 VMware Inc. All rights reserved Virtualization Based on materials from: Introduction to Virtual Machines by Carl Waldspurger Understanding Intel Virtualization Technology (VT) by N. B. Sahgal and D. Rodgers Intel Virtualization Technology

More information

Virtualization. Jia Rao Assistant Professor in CS http://cs.uccs.edu/~jrao/

Virtualization. Jia Rao Assistant Professor in CS http://cs.uccs.edu/~jrao/ Virtualization Jia Rao Assistant Professor in CS http://cs.uccs.edu/~jrao/ What is Virtualization? Virtualization is the simulation of the software and/ or hardware upon which other software runs. This

More information

Xen and the Art of. Virtualization. Ian Pratt

Xen and the Art of. Virtualization. Ian Pratt Xen and the Art of Virtualization Ian Pratt Keir Fraser, Steve Hand, Christian Limpach, Dan Magenheimer (HP), Mike Wray (HP), R Neugebauer (Intel), M Williamson (Intel) Computer Laboratory Outline Virtualization

More information

KVM/ARM: Experiences Building the Linux ARM Hypervisor

KVM/ARM: Experiences Building the Linux ARM Hypervisor KVM/ARM: Experiences Building the Linux ARM Hypervisor Christoffer Dall and Jason Nieh {cdall, nieh}@cs.columbia.edu Department of Computer Science, Columbia University Technical Report CUCS-010-13 April

More information

Virtual Machines. Virtualization

Virtual Machines. Virtualization Virtual Machines Marie Roch Tanenbaum 8.3 contains slides from: Tanenbaum 3 rd ed. 2008 1 Virtualization Started with the IBM System/360 in the 1960s Basic concept simulate multiple copies of the underlying

More information

Virtualization. Jukka K. Nurminen 23.9.2015

Virtualization. Jukka K. Nurminen 23.9.2015 Virtualization Jukka K. Nurminen 23.9.2015 Virtualization Virtualization refers to the act of creating a virtual (rather than actual) version of something, including virtual computer hardware platforms,

More information

System Virtual Machines

System Virtual Machines System Virtual Machines Introduction Key concepts Resource virtualization processors memory I/O devices Performance issues Applications 1 Introduction System virtual machine capable of supporting multiple

More information

Multi-core Programming System Overview

Multi-core Programming System Overview Multi-core Programming System Overview Based on slides from Intel Software College and Multi-Core Programming increasing performance through software multi-threading by Shameem Akhter and Jason Roberts,

More information

How To Understand The Power Of A Virtual Machine Monitor (Vm) In A Linux Computer System (Or A Virtualized Computer)

How To Understand The Power Of A Virtual Machine Monitor (Vm) In A Linux Computer System (Or A Virtualized Computer) KVM - The kernel-based virtual machine Timo Hirt timohirt@gmx.de 13. Februar 2010 Abstract Virtualization has been introduced in the 1960s, when computing systems were large and expensive to operate. It

More information

Attacking Hypervisors via Firmware and Hardware

Attacking Hypervisors via Firmware and Hardware Attacking Hypervisors via Firmware and Hardware Mikhail Gorobets, Oleksandr Bazhaniuk, Alex Matrosov, Andrew Furtak, Yuriy Bulygin Advanced Threat Research Agenda Hypervisor based isolation Firmware rootkit

More information

FRONT FLYLEAF PAGE. This page has been intentionally left blank

FRONT FLYLEAF PAGE. This page has been intentionally left blank FRONT FLYLEAF PAGE This page has been intentionally left blank Abstract The research performed under this publication will combine virtualization technology with current kernel debugging techniques to

More information

KVM Security Comparison

KVM Security Comparison atsec information security corporation 9130 Jollyville Road, Suite 260 Austin, TX 78759 Tel: 512-349-7525 Fax: 512-349-7933 www.atsec.com KVM Security Comparison a t s e c i n f o r m a t i o n s e c u

More information

Enabling Intel Virtualization Technology Features and Benefits

Enabling Intel Virtualization Technology Features and Benefits WHITE PAPER Intel Virtualization Technology Enterprise Server Enabling Intel Virtualization Technology Features and Benefits Maximizing the benefits of virtualization with Intel s new CPUs and chipsets

More information

KVM Architecture Overview

KVM Architecture Overview KVM Architecture Overview 2015 Edition Stefan Hajnoczi 1 Introducing KVM virtualization KVM hypervisor runs virtual machines on Linux hosts Mature on x86, recent progress on ARM and

More information

Virtualization. Explain how today s virtualization movement is actually a reinvention

Virtualization. Explain how today s virtualization movement is actually a reinvention Virtualization Learning Objectives Explain how today s virtualization movement is actually a reinvention of the past. Explain how virtualization works. Discuss the technical challenges to virtualization.

More information

Hardware Based Virtualization Technologies. Elsie Wahlig elsie.wahlig@amd.com Platform Software Architect

Hardware Based Virtualization Technologies. Elsie Wahlig elsie.wahlig@amd.com Platform Software Architect Hardware Based Virtualization Technologies Elsie Wahlig elsie.wahlig@amd.com Platform Software Architect Outline What is Virtualization? Evolution of Virtualization AMD Virtualization AMD s IO Virtualization

More information

Recursive Virtual Machines for Advanced Security Mechanisms

Recursive Virtual Machines for Advanced Security Mechanisms Recursive Virtual Machines for Advanced Security Mechanisms Bernhard Kauer Universidade de Lisboa Faculdade de Ciências LaSIGE kauer@fc.ul.pt Paulo Verissimo, Fellow, IEEE Universidade de Lisboa Faculdade

More information

Hardware Assisted Virtualization

Hardware Assisted Virtualization Hardware Assisted Virtualization G. Lettieri 21 Oct. 2015 1 Introduction In the hardware-assisted virtualization technique we try to execute the instructions of the target machine directly on the host

More information

Virtualization. P. A. Wilsey. The text highlighted in green in these slides contain external hyperlinks. 1 / 16

Virtualization. P. A. Wilsey. The text highlighted in green in these slides contain external hyperlinks. 1 / 16 1 / 16 Virtualization P. A. Wilsey The text highlighted in green in these slides contain external hyperlinks. 2 / 16 Conventional System Viewed as Layers This illustration is a common presentation of the

More information

CSE490H: Virtualization

CSE490H: Virtualization CSE490H: Virtualization It s turtles all the way down Steve Gribble Associate Professor, CSE [on sabbatical at Google as a visiting scientist] 1 Some simple terms a virtual machine: a software-based implementation

More information

Virtualisation Without a Hypervisor in Cloud Infrastructures: An Initial Analysis

Virtualisation Without a Hypervisor in Cloud Infrastructures: An Initial Analysis Virtualisation Without a Hypervisor in Cloud Infrastructures: An Initial Analysis William A. R. de Souza and Allan Tomlinson Information Security Group Royal Holloway, University of London Egham Hill,

More information

x86 ISA Modifications to support Virtual Machines

x86 ISA Modifications to support Virtual Machines x86 ISA Modifications to support Virtual Machines Douglas Beal Ashish Kumar Gupta CSE 548 Project Outline of the talk Review of Virtual Machines What complicates Virtualization Technique for Virtualization

More information

Hybrid Virtualization The Next Generation of XenLinux

Hybrid Virtualization The Next Generation of XenLinux Hybrid Virtualization The Next Generation of XenLinux Jun Nakajima Principal Engineer Intel Open Source Technology Center Legal Disclaimer INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL

More information

Hypervisor Memory Forensics

Hypervisor Memory Forensics Hypervisor Memory Forensics Mariano Graziano and Davide Balzarotti SANS DFIR EU SUMMIT October 2013 - Prague S3 GROUP S3 GROUP Actaeon Memory forensics of virtualization environments Locate any Intel Hardware

More information

KVM: Kernel-based Virtualization Driver

KVM: Kernel-based Virtualization Driver KVM: Kernel-based Virtualization Driver White Paper Overview The current interest in virtualization has led to the creation of several different hypervisors. Most of these, however, predate hardware-assisted

More information

How To Stop A Malicious Process From Running On A Hypervisor

How To Stop A Malicious Process From Running On A Hypervisor Hypervisor-Based Systems for Malware Detection and Prevention Yoshihiro Oyama ( 大 山 恵 弘 ) The University of Electro-Communications ( 電 気 通 信 大 学 ), Tokyo, Japan This Talk I introduce two hypervisor-based

More information

ARM Virtualization: CPU & MMU Issues

ARM Virtualization: CPU & MMU Issues ARM Virtualization: CPU & MMU Issues Prashanth Bungale, Sr. Member of Technical Staff 2010 VMware Inc. All rights reserved Overview Virtualizability and Sensitive Instructions ARM CPU State Sensitive Instructions

More information

The Xen of Virtualization

The Xen of Virtualization The Xen of Virtualization Assignment for CLC-MIRI Amin Khan Universitat Politècnica de Catalunya March 4, 2013 Amin Khan (UPC) Xen Hypervisor March 4, 2013 1 / 19 Outline 1 Introduction 2 Architecture

More information

COS 318: Operating Systems. Virtual Machine Monitors

COS 318: Operating Systems. Virtual Machine Monitors COS 318: Operating Systems Virtual Machine Monitors Andy Bavier Computer Science Department Princeton University http://www.cs.princeton.edu/courses/archive/fall10/cos318/ Introduction Have been around

More information

Operating Systems. Lecture 03. February 11, 2013

Operating Systems. Lecture 03. February 11, 2013 Operating Systems Lecture 03 February 11, 2013 Goals for Today Interrupts, traps and signals Hardware Protection System Calls Interrupts, Traps, and Signals The occurrence of an event is usually signaled

More information

Introduction to Virtualization & KVM

Introduction to Virtualization & KVM Introduction to Virtualization & KVM By Zahra Moezkarimi ICT Research Institute Software Platform Laboratory Outline Virtualization History Overview Advantages and Limitations Types of virtualization Virtualization

More information

Intel Virtualization Technology Overview Yu Ke

Intel Virtualization Technology Overview Yu Ke Intel Virtualization Technology Overview Yu Ke SSG System Software Division Agenda Virtualization Overview Intel Virtualization Technology 2 What is Virtualization VM 0 VM 1 VM n Virtual Machines (VMs)

More information

Nested Virtualization

Nested Virtualization Nested Virtualization State of the art and future directions Bandan Das Yang Z Zhang Jan Kiszka 2 Outline Introduction Changes and Missing Features for AMD Changes and Missing Features for Intel Working

More information

Virtual Machines and Security Paola Stone Martinez East Carolina University November, 2013.

Virtual Machines and Security Paola Stone Martinez East Carolina University November, 2013. Virtual Machines and Security Paola Stone Martinez East Carolina University November, 2013. Keywords: virtualization, virtual machine, security. 1. Virtualization The rapid growth of technologies, nowadays,

More information

Virtualization Security: Virtual Machine Monitoring and Introspection

Virtualization Security: Virtual Machine Monitoring and Introspection Virtualization Security: Virtual Machine Monitoring and Introspection Fotis Tsifountidis Technical Report RHUL MA 2011 09 8th March 2011 Department of Mathematics Royal Holloway, University of London Egham,

More information

BHyVe. BSD Hypervisor. Neel Natu Peter Grehan

BHyVe. BSD Hypervisor. Neel Natu Peter Grehan BHyVe BSD Hypervisor Neel Natu Peter Grehan 1 Introduction BHyVe stands for BSD Hypervisor Pronounced like beehive Type 2 Hypervisor (aka hosted hypervisor) FreeBSD is the Host OS Availability NetApp is

More information
2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback | Do Not Sell My Personal Information