Virtual Switching Without a Hypervisor for a More Secure Cloud

Similar documents

NoHype: Virtualized Cloud Infrastructure without the Virtualization

Detection of virtual machine monitor corruptions

Full and Para Virtualization

IOS110. Virtualization 5/27/2014 1

Virtualization System Vulnerability Discovery Framework. Speaker: Qinghao Tang Title:360 Marvel Team Leader

COS 318: Operating Systems. Virtual Machine Monitors

COLO: COarse-grain LOck-stepping Virtual Machine for Non-stop Service

Network Performance Comparison of Multiple Virtual Machines

Enabling Technologies for Distributed Computing

Performance of Network Virtualization in Cloud Computing Infrastructures: The OpenStack Case.

Networked I/O for Virtual Machines

Enabling Technologies for Distributed and Cloud Computing

Achieving a High-Performance Virtual Network Infrastructure with PLUMgrid IO Visor & Mellanox ConnectX -3 Pro

Improving the Security of Commodity Hypervisors for Cloud Computing

StACC: St Andrews Cloud Computing Co laboratory. A Performance Comparison of Clouds. Amazon EC2 and Ubuntu Enterprise Cloud

KVM: A Hypervisor for All Seasons. Avi Kivity avi@qumranet.com

RPM Brotherhood: KVM VIRTUALIZATION TECHNOLOGY

Virtual Machine Monitors. Dr. Marc E. Fiuczynski Research Scholar Princeton University

ACANO SOLUTION VIRTUALIZED DEPLOYMENTS. White Paper. Simon Evans, Acano Chief Scientist

RED HAT ENTERPRISE VIRTUALIZATION

Virtual Machine Security

RED HAT ENTERPRISE VIRTUALIZATION FOR SERVERS: COMPETITIVE FEATURES

Outline. Outline. Why virtualization? Why not virtualize? Today s data center. Cloud computing. Virtual resource pool

RUNNING vtvax FOR WINDOWS

Chapter 5 Cloud Resource Virtualization

Intel s Virtualization Extensions (VT-x) So you want to build a hypervisor?

Bridging the Gap between Software and Hardware Techniques for I/O Virtualization

Optimize Server Virtualization with QLogic s 10GbE Secure SR-IOV

Virtualization Technologies

Small is Better: Avoiding Latency Traps in Virtualized DataCenters

Before we can talk about virtualization security, we need to delineate the differences between the

Optimizing Network Virtualization in Xen

Securing Your Cloud with Xen Project s Advanced Security Features

Assessing the Performance of Virtualization Technologies for NFV: a Preliminary Benchmarking

Virtualised MikroTik

Virtualization. Dr. Yingwu Zhu

I/O Virtualization Using Mellanox InfiniBand And Channel I/O Virtualization (CIOV) Technology

Hypervisors. Introduction. Introduction. Introduction. Introduction. Introduction. Credits:

Virtualization. Pradipta De

Intro to Virtualization

Taming Hosted Hypervisors with (Mostly) Deprivileged Execution

How To Make A Minecraft Iommus Work On A Linux Kernel (Virtual) With A Virtual Machine (Virtual Machine) And A Powerpoint (Virtual Powerpoint) (Virtual Memory) (Iommu) (Vm) (

SUSE Linux Enterprise 10 SP2: Virtualization Technology Support

Privacy Protection in Virtualized Multi-tenant Cloud: Software and Hardware Approaches

Virtualization and Performance NSRC

Unifying Information Security

Optimizing Network Virtualization in Xen

Basics in Energy Information (& Communication) Systems Virtualization / Virtual Machines

Citrix XenServer 7 Feature Matrix

Cloud Operating Systems for Servers

Performance tuning Xen

GUEST OPERATING SYSTEM BASED PERFORMANCE COMPARISON OF VMWARE AND XEN HYPERVISOR

Virtual Computing and VMWare. Module 4

KVM Virtualized I/O Performance

2972 Linux Options and Best Practices for Scaleup Virtualization

Networking Virtualization Using FPGAs

Performance Evaluation of VMXNET3 Virtual Network Device VMware vsphere 4 build

Windows Server 2012 Hyper-V Virtual Switch Extension Software UNIVERGE PF1000 Overview. IT Network Global Solutions Division UNIVERGE Support Center

An Introduction to Service Containers

Xen Live Migration. Networks and Distributed Systems Seminar, 24 April Matúš Harvan Xen Live Migration 1

Introduction to Virtualization & KVM

Virtualization Performance Analysis November 2010 Effect of SR-IOV Support in Red Hat KVM on Network Performance in Virtualized Environments

Running vtserver in a Virtual Machine Environment. Technical Note by AVTware

Best Practices for Monitoring Databases on VMware. Dean Richards Senior DBA, Confio Software

Virtualization Technology. Zhiming Shen

Chapter 14 Virtual Machines

Programmable Networking with Open vswitch

A technical review on comparison of Xen and KVM hypervisors: An analysis of virtualization technologies

Accelerating Network Virtualization Overlays with QLogic Intelligent Ethernet Adapters

Compromise-as-a-Service

Red Hat enterprise virtualization 3.0 feature comparison

HP SN1000E 16 Gb Fibre Channel HBA Evaluation

Virtualizing a Virtual Machine

12. Introduction to Virtual Machines

Achieving Performance Isolation with Lightweight Co-Kernels

Container-based operating system virtualization: a scalable, high-performance alternative to hypervisors

Flight Processor Virtualization

Part 1 - What s New in Hyper-V 2012 R2. Clive.Watson@Microsoft.com Datacenter Specialist

Next Generation Now: Red Hat Enterprise Linux 6 Virtualization A Unique Cloud Approach. Jeff Ruby Channel Manager jruby@redhat.com

Networking for Caribbean Development

Virtualization and Cloud Computing

Microkernels, virtualization, exokernels. Tutorial 1 CSC469

1 Data Center Infrastructure Remote Monitoring

CSE 501 Monday, September 09, 2013 Kevin Cleary

VIRTUALIZATION technology [19], [21] offers many advantages

VMware vsphere 5.0 Boot Camp

Network Functions Virtualization on top of Xen

Cloud^H^H^H^H^H Virtualization Technology. Andrew Jones May 2011

Integration of Virtualized Workernodes in Batch Queueing Systems The ViBatch Concept

Virtualization for Cloud Computing

Cloud security CS642: Computer Security Professor Ristenpart h9p:// rist at cs dot wisc dot edu University of Wisconsin CS 642

Transcription:

ing Without a for a More Secure Cloud Xin Jin Princeton University Joint work with Eric Keller(UPenn) and Jennifer Rexford(Princeton) 1

Public Cloud Infrastructure Cloud providers offer computing resources on demand to multiple tenants Benefits: Public (any one can use) Economies of scale (lower cost) Flexibility (pay-as-you-go) 2

Server ization Multiple VMs run on the same server Benefits Efficient use of server resources Backward compatibility Examples Xen KVM VMware VM VM VM 3

Network ization switches Run in the hypervisor or the control VM () Benefits: Flexible control at the edge Access control Resource and name space isolation Efficient communication between co-located VMs Examples Open v VMware s v Cisco s Nexus 1000v VM VM 4

Security: a major impediment for moving to the cloud! Let s take a look at where the vulnerabilities are 5

Vulnerabilities in Server ization Guest VM 1 Guest VM 2 Guest VM 3 The hypervisor is quite complex Large amount of code > Bugs (NIST s National Vulnerability Database) 6

Vulnerabilities in Server ization Guest VM 1 Guest VM 2 Guest VM 3 The hypervisor is an attack surface (bugs, vulnerable) > Malicious customers attack the hypervisor 7

Vulnerabilities in Network ization Guest VM 1 Guest VM 2 Physical NIC switch in control VM () is involved in communication 8

Vulnerabilities in Network ization Guest VM 1 Guest VM 2 Physical NIC switch is coupled with the control VM > e.g., software switch crash can lead to a complete system crash 9

Disaggregation [e.g., SOSP 11] Guest VM 1 Guest VM 2 Service VM Service VM Service VM Service VM Disaggregate control VM () into smaller, single-purpose and independent components Malicious customer can still attack hypervisor! 10

NoHype [ISCA 10, CCS 11] Emulate, Manage Guest VM 1 Guest VM 2 Physical Device Driver ized Physical NIC Physical Device Driver Pre-allocating memory and cores Using hardware virtualized I/O devices is only used to boot up and shut down guest VMs. Eliminate the hypervisor attack surface What if I want to use a software switch? 11

ing in NoHype Emulate, Manage Guest VM 1 Guest VM 2 Guest VM 3 Physical Device Driver Physical Device Driver ized Physical NIC Bouncing packets through the physical NIC Consumes excessive bandwidth on PCI bus and the physical NIC! 12

Our Solution Overview Guest VM 1 DomS Guest VM 2 Emulate, Manage Physical NIC Eliminate the hypervisor attack surface Enable software switching in an efficient way 13

Eliminate the -Guest Interaction Guest VM 1 Polling FIFO FIFO Shared memory Two FIFO buffers for communication Polling only Do not use event channel; no hypervisor involvement 14

Limit Damage From a Compromised Guest Guest VM 1 VM 1 DomS Polling Polling Guest VM 1 DomS PollingFIFO FIFO FIFO FIFO FIFO Decouple software switch from Introduce a Domain (DomS) Decouple software switch from the hypervisor Eliminate the hypervisor attack surface 15

Guest VM 1 Preliminary Prototype Native Xen Guest VM 1 Polling FIFO FIFO Our Solution DomS Prototype based on Xen 4.1: used to boot up/shut down VMs Linux 3.1: kernel module to implement polling/fifo Open v 1.3 16

Preliminary Evaluation Guest VM 1 Native Xen Guest VM 1 Polling FIFO FIFO Our Solution DomS Evaluate the throughput between DomS and a guest VM, compared with native Xen Traffic measurement: Netperf Configuration: each VM has 1 core and 1GB of RAM 17

Evaluation on Throughput FIFO Size Polling period is fixed to 1ms Reach high throughput with just 256 FIFO pages (Only 1MB) Polling Period Shorter polling period, higher throughput CPU resource consumption? > Future work Throughput (Mbps) Throughput (Mbps) 1800 1500 1200 900 600 300 0 4000 3000 2000 1000 0 4 8 16 32 64 128 256 512 FIFO Pages (1 page = 4 KB) 0.05 0.25 0.5 0.75 1 1.25 1.5 1.75 2 Polling Period (ms) 18

Comparison with Native Xen Throughput (Mbps) 10000 8000 6000 4000 2000 0 Our Solution Native Xen 64 128 256 512 1K 2K 4K 8K 16K Message Size(Bytes) Outperforms native Xen when message size is smaller than 8 KB. Future work: incorporate more optimization 19

Conclusion and Future Work Trend towards software switching in the cloud Security in hypervisor and is a big concern Improve security by enabling software switching without hypervisor involvement Future work Detection and remediation of DomS compromise 20

Thanks! Q&A 21