Hypervisor introspection: a technique for evading passive virtual machine monitoring
Wang, Gary L
Loading…
Permalink
https://hdl.handle.net/2142/78671
Description
Title
Hypervisor introspection: a technique for evading passive virtual machine monitoring
Author(s)
Wang, Gary L
Issue Date
2015-04-27
Department of Study
Computer Science
Discipline
Computer Science
Degree Granting Institution
University of Illinois at Urbana-Champaign
Degree Name
M.S.
Degree Level
Thesis
Keyword(s)
security
virtual machine introspection (VMI)
side-channel
cloud
Abstract
Virtualization technology has enabled powerful security monitoring techniques, such as virtual machine introspection (VMI). These monitoring techniques, however, rely on the assumed isolation of virtualized environments from the hypervisor. We show that there are still some events that can be observed that break this isolation. External observers can discern when virtual machines are suspended due to hypervisor activity, and can use this information to mount advanced attacks that go undetected by VMI monitoring systems. We demonstrate some example attacks against realistic monitors using our technique, and discuss existing and potential defenses against these kinds of attacks.
Use this login method if you
don't
have an
@illinois.edu
email address.
(Oops, I do have one)
IDEALS migrated to a new platform on June 23, 2022. If you created
your account prior to this date, you will have to reset your password
using the forgot-password link below.
