Cloud Security Is Not (Just) Virtualization Security



Similar documents
A Hypervisor IPS based on Hardware assisted Virtualization Technology

Windows Server 2008 R2 Hyper V. Public FAQ

CHOOSING THE RIGHT RED HAT ENTERPRISE LINUX SUBSCRIPTION. Gerry Riveros Senior Manager Server Solutions, Red Hat May 6, 2011

x86 ISA Modifications to support Virtual Machines

Security Aspects of Cloud Computing

Virtualization with Windows

Operating System Fingerprinting for Virtual Machines

SUSE Linux Enterprise 10 SP2: Virtualization Technology Support

MS-6422A - Implement and Manage Microsoft Windows Server Hyper-V

Intel s Virtualization Extensions (VT-x) So you want to build a hypervisor?

Server Virtualization and Consolidation

M6422A Implementing and Managing Windows Server 2008 Hyper-V

Disaster Recovery Infrastructure

Cooperation of Operating Systems with Hyper-V. Bartek Nowierski Software Development Engineer, Hyper-V Microsoft Corporation

Virtualization System Vulnerability Discovery Framework. Speaker: Qinghao Tang Title:360 Marvel Team Leader

Servervirualisierung mit Citrix XenServer

Full and Para Virtualization

matasano Hardware Virtualization Rootkits Dino A. Dai Zovi

Microsoft Windows Server 2008: MS-6422 Implementing and Managing Hyper V Virtualization 6422

A Threat Model for a Cloud Infrastructure with no Hypervisor

Before we can talk about virtualization security, we need to delineate the differences between the

Red Hat enterprise virtualization 3.0 feature comparison

Virtualisation Without a Hypervisor in Cloud Infrastructures: An Initial Analysis

Virtualization System Security

Cloud Computing. Up until now

An overwhelming majority of IaaS clouds leverage virtualization for their foundation.

VIRTUALIZATION INTROSPECTION SYSTEM ON KVM-BASED CLOUD COMPUTING PLATFORMS. Advisor: Software Security Lab.

Outline. Outline. Why virtualization? Why not virtualize? Today s data center. Cloud computing. Virtual resource pool

Distributed Systems. Virtualization. Paul Krzyzanowski

Virtualization Technologies

Thomas Fahrig Senior Developer Hypervisor Team. Hypervisor Architecture Terminology Goals Basics Details

Run-Time Deep Virtual Machine Introspection & Its Applications

6422: Implementing and Managing Windows Server 2008 Hyper-V (3 Days)

Secure In-VM Monitoring Using Hardware Virtualization

Welcome to the IBM Education Assistant module for Tivoli Storage Manager version 6.2 Hyper-V backups. hyper_v_backups.ppt.

Real- Time Mul,- Core Virtual Machine Scheduling in Xen

TechTarget Windows Media

Hyper-V vs ESX at the datacenter

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

Survey on virtual machine security

Comparing Free Virtualization Products

Paragon Protect & Restore

IOS110. Virtualization 5/27/2014 1

VIRTUALIZATION 101. Brainstorm Conference 2013 PRESENTER INTRODUCTIONS

Lares: An Architecture for Secure Active Monitoring Using Virtualization

IBM Tivoli Composite Application Manager for Microsoft Applications: Microsoft Hyper-V Server Agent Version Fix Pack 2.

Copyright 2014, Oracle and/or its affiliates. All rights reserved.

Services Provider License Agreement Cloud Platform Suite & Guest

Keith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com

Introduction to Virtualization & KVM

Lecture 2 Cloud Computing & Virtualization. Cloud Application Development (SE808, School of Software, Sun Yat-Sen University) Yabo (Arber) Xu

Hypervisor Software and Virtual Machines. Professor Howard Burpee SMCC Computer Technology Dept.

Cutting Costs with Red Hat Enterprise Virtualization. Chuck Dubuque Product Marketing Manager, Red Hat June 24, 2010

Microkernels, virtualization, exokernels. Tutorial 1 CSC469

In addition to their professional experience, students who attend this training should have technical knowledge in the following areas.

CSE 501 Monday, September 09, 2013 Kevin Cleary

Unlimited Server 24/7/365 Support

Virtual Machine Security

Virtualization for Cloud Computing

The Benefits of POWER7+ and PowerVM over Intel and an x86 Hypervisor

The Plan Today... System Calls and API's Basics of OS design Virtual Machines

Virtualization Technologies. Embrace the new world of healthcare

In order to upload a VM you need to have a VM image in one of the following formats:

Server-centric client virtualization model reduces costs while improving security and flexibility.

Topic 5a Operating System Fundamentals

Introducing. Markus Erlacher Technical Solution Professional Microsoft Switzerland

Paragon Protect & Restore

Virtualization Technologies and Blackboard: The Future of Blackboard Software on Multi-Core Technologies

Implementing and Managing Windows Server 2008 Hyper-V

Uses for Virtual Machines. Virtual Machines. There are several uses for virtual machines:

Cloud^H^H^H^H^H Virtualization Technology. Andrew Jones May 2011

Parallels Desktop 4 for Windows and Linux Read Me

SUSE Manager. A Comprehensive Linux Server Management the Linux Way. Name. Title

KVM as a Microsoft-compatible hypervisor.

The future is in the management tools. Profoss 22/01/2008

Virtual Machines. Virtualization

Virtualization Technology (or how my Windows computer gave birth to a bunch of Linux computers)

Guardian: Hypervisor as Security Foothold for Personal Computers

The Art of Virtualization with Free Software

Windows 7 Virtualization Technologies

RED HAT ENTERPRISE VIRTUALIZATION FOR SERVERS: COMPETITIVE FEATURES

CS5460: Operating Systems. Lecture: Virtualization 2. Anton Burtsev March, 2013

KVM: A Hypervisor for All Seasons. Avi Kivity avi@qumranet.com

Developing a dynamic, real-time IT infrastructure with Red Hat integrated virtualization

Virtualization and Cloud Computing

Computing Service Provision in P2P Clouds

The XenServer Product Family:

Development of Type-2 Hypervisor for MIPS64 Based Systems

VICE Catch the hookers! (Plus new rootkit techniques) Jamie Butler Greg Hoglund

KVM on S390x. Revolutionizing the Mainframe

Backup & Recovery. 10 Suite PARAGON. Data Sheet. Automatization Features

Software Update for WinXP

Transcription:

Mihai Christodorescu, Reiner Sailer, Douglas Lee Schales, Daniele Sgandurra, Diego Zamboni IBM Research Cloud Security Is Not (Just) Virtualization Security

Virtualization Enables Many Security Applications Infrastructure clouds build on virtualization mechanisms. Virtualization allows for introspection into untrusted guest virtual machines (VMs). Kernel Code Integrity Firewall VM 1 VM 2 Access Control IDS AntiVirus Hypervisor Hardware Rootkit Detector 2 Friday the 13th

Problem: What s Inside Matters Semantic gap: How do you give structure and meaning to data and code pages? VM lifecycle (snapshots, migration, reboots, updates) vs. security monitor lifecycle. Information gap: How do you know you are monitoring the right data and code pages? VM 1 VM 2 Kernel Code Integrity Kernel Code Integrity Firewall Firewall Hypervisor IDS IDS Access Control Access Control AntiVirus AntiVirus Rootkit Detector Rootkit Detector Hardware 3 Friday the 13th

Our Contribution: Secure Introspection Key idea: combine discovery and integrity measurement of guest VM. Implicit benefit: OS discovery is free. Challenges: infected guest VM, non-cooperative guest OS. Result: Building block for security monitors that use introspection. 4 Friday the 13th

Why is Trust Needed? An Example. Goal: monitor the system-call table of the guest kernel. VM System-call table (SSDT) System-call dispatcher SDT mov cl,byte p mov edi,dword mov ebx,dword sub esp,ecx shr ecx,2 mov edi,esp cmp esi,dword jae nt!kisyst rep movs dword pt call ebx KTHREAD KPCR Hypervisor Interrupt table (IDT) (and/or MSRs) Hardware 5 Friday the 13th

Building Trust from Hardware State 1. Start with hardware state. 2. Explore code reachable directly from hardware. 3. Validate data structures that drive control flow. 4. Repeat as necessary. Interrupt table (IDT) (and/or MSRs) VM System-call table (SSDT) System-call dispatcher mov cl,byte p mov edi,dword mov ebx,dword sub esp,ecx shr ecx,2 mov edi,esp cmp esi,dword jae nt!kisyst rep movs dword pt call ebx Hypervisor SDT KTHREAD KPCR Hardware Note: Nothing OSspecific is used in this process. 6 Friday the 13th

Coverage How far can we reach into the kernel? Code reached without indirect-control flow Windows XP 52% Linux 2.6.24 24% with indirect-control flow 100% 7 Friday the 13th

Minimal Coverage Needed for OS Identification If we measure the code as we traverse it, we can identify the guest OS. (e.g., measure = hash the instruction stream in control-flow order ) Experimental observation: Code of one IDT entry is sufficient to identify the OS (and sometimes, that s all we can use.) 32-bit 124 124 103 WinXP WinXP SP1 WinXP SP2 WinXP SP3 64-bit 3 3 WinXP WinXP SP1 WinXP SP2 64-bit 9 4 Win2003 Win2003 SP1 Win2003 SP2 8 Friday the 13th

Code Measurement for Validation Measurement of same kernel across boots made more complex by self-modifying code. Microsoft Windows relocates certain modules by rewriting absolute pointers in the code. Linux rewrites parts of its code during boot depending on the processor characteristics: Replace LOCK prefixes with NOPs Both Windows and Linux support hot patching of the kernel: Linux: ksplice available since 2.6.24 Windows: capability built into Windows Vista and 7 9 Friday the 13th

Putting Everything Together: Secure Introspection Information gap: How do you know you are monitoring the right data and code pages? A guest code page is trusted only if: it is reachable from hardware state via other trusted code pages and its code is valid. A guest control-flow data structure is trusted only if: it is used by trusted code and it points to trusted code pages. Then a security monitor can reason about guest code and guest data that are trusted. 10 Friday the 13th

Mihai Christodorescu, Reiner Sailer, Douglas Lee Schales, Daniele Sgandurra, Diego Zamboni IBM Research Questions? Cloud Security Is Not (Just) Virtualization Security

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information