• DocumentCode
    106507
  • Title

    Systemic threats to hypervisor non-control data

  • Author

    Baozeng Ding ; Yeping He ; Yanjun Wu ; Jiageng Yu

  • Author_Institution
    Nat. Eng. Res. Center for Fundamental Software, Inst. of Software, Beijing, China
  • Volume
    7
  • Issue
    4
  • fYear
    2013
  • fDate
    Dec-13
  • Firstpage
    349
  • Lastpage
    354
  • Abstract
    Hypervisors are becoming a widespread virtualisation layer in current computer systems. Recent successful attacks against hypervisors indicate that they face similar integrity threats as traditional operating systems. Current approaches that secure hypervisors mainly focus on code or control-data integrity, without paying attention to non-control data integrity. In this study, the authors construct attacks that target hypervisor non-control data to demonstrate which types of data within the Xen hypervisor are critical to system security. It shows privilege, resource utilisation and security policy related data are vulnerable to return-oriented programming or DMA attacks. By modifying their values from one to another, the whole system's performance will be affected. By discussing current approaches that secure hypervisors, which are not suitable for non-control data, the work is to motivate new innovation in this area to protect them.
  • Keywords
    data integrity; security of data; virtualisation; DMA attacks; Xen hypervisor; computer systems; data integrity; hypervisor noncontrol data; return-oriented programming; secure hypervisors; system security; systemic threats; virtualisation layer;
  • fLanguage
    English
  • Journal_Title
    Information Security, IET
  • Publisher
    iet
  • ISSN
    1751-8709
  • Type

    jour

  • DOI
    10.1049/iet-ifs.2012.0252
  • Filename
    6673874