With analysis of limitations Trusted Computing Group (TCG) has encountered, we argued that virtual machine monitor (VMM) is the appropriate architecture for implementing TCG specification. Putting together the VMM...With analysis of limitations Trusted Computing Group (TCG) has encountered, we argued that virtual machine monitor (VMM) is the appropriate architecture for implementing TCG specification. Putting together the VMM architecture, TCG hardware and application-oriented "thin" virtual machine (VM), Trusted VMM-based security architecture is present in this paper with the character of reduced and distributed trusted computing base (TCB). It provides isolation and integrity guarantees based on which general security requirements can be satisfied.展开更多
Three kinds of vulnerabilities that may exist in some of current virtualization-based security monitoring systems were proposed: page mapping problem,lack of overall protection,and inherent limitations. Aiming at the...Three kinds of vulnerabilities that may exist in some of current virtualization-based security monitoring systems were proposed: page mapping problem,lack of overall protection,and inherent limitations. Aiming at these vulnerabilities,relative attack methods were presented in detail. Our experiments show that the attack methods,such as page mapping attack,data attack,and non-behavior detection attack,can attack simulated or original security monitors successfully. Defenders,who need to effectively strengthen their security monitors,can get an inspiration from these attack methods and find some appropriate solutions.展开更多
Virtual machine monitors (VMMs) play a central role in cloud computing. Their reliability and availability are critical for cloud computing. Virtualization and device emu- lation make the VMM code base large and the...Virtual machine monitors (VMMs) play a central role in cloud computing. Their reliability and availability are critical for cloud computing. Virtualization and device emu- lation make the VMM code base large and the interface be- tween OS and VMM complex. This results in a code base that is very hard to verify the security of the VMM. For exam- ple, a misuse of a VMM hyper-call by a malicious guest OS can corrupt the whole VMM. The complexity of the VMM also makes it hard to formally verify the correctness of the system's behavior. In this paper a new VMM, operating sys- tem virtualization (OSV), is proposed. The multiprocessor boot interface and memory configuration interface are virtu- alized in OSV at boot time in the Linux kernel. After booting, only inter-processor interrupt operations are intercepted by OSV, which makes the interface between OSV and OS sim- ple. The interface is verified using formal model checking, which ensures a malicious OS cannot attack OSV through the interface. Currently, OSV is implemented based on the AMD Opteron multi-core server architecture. Evaluation re- sults show that Linux running on OSV has a similar perfor- mance to native Linux. OSV has a performance improvement of 4%-13% over Xen.展开更多
Security tools are rapidly developed as network security threat is becoming more and more serious.To overcome the fundamental limitation of traditional host-based anti-malware system which is likely to be deceived and...Security tools are rapidly developed as network security threat is becoming more and more serious.To overcome the fundamental limitation of traditional host-based anti-malware system which is likely to be deceived and attacked by malicious codes,VMM-based anti-malware systems have recently become a hot research field.In this article,the existing malware hiding technique is analyzed,and a detecting model for hidden process based on "In-VM" idea is also proposed.Based on this detecting model,a hidden process detection technology which is based on HOOK SwapContext on the VMM platform is also implemented successfully.This technology can guarantee the detecting method not to be attacked by malwares and also resist all the current process hiding technologies.In order to detect the malwares which use remote injection method to hide themselves,a method by hijacking sysenter instruction is also proposed.Experiments show that the proposed methods guarantee the isolation of virtual machines,can detect all malware samples,and just bring little performance loss.展开更多
With the capability of the virtual machine monitor, a novel approach for logging system activities is designed. In the design, the guest operating system runs on the virtual machine monitor as non-privileged mode. The...With the capability of the virtual machine monitor, a novel approach for logging system activities is designed. In the design, the guest operating system runs on the virtual machine monitor as non-privileged mode. The redirecting and monitoring modules are added into the virtual machine monitor. When a guest application is calling a system call, it is trapped and redirected from the least privileged level into the virtual machine monitor running in the most privileged level. After logging is finished. it returns to the guest operating system running in the more privileged level and starts the system call. Compared with the traditional methods for logging system activities, the novel method makes it more difficult to destroy or tamper the logs. The preliminary evaluation shows that the prototype is simple and efficient.展开更多
The increasing requirements of intensive interoperaterbility among the distributed nodes desiderate the high performance network connections, owing to the substantial growth of cloud computing and datacenters. Network...The increasing requirements of intensive interoperaterbility among the distributed nodes desiderate the high performance network connections, owing to the substantial growth of cloud computing and datacenters. Network I/O virtualization aggregates the network resource and separates it into manageable parts for particular servers or devices, which provides effective consolidation and elastic management with high agility, flexibility and scalability as well as reduced cost and cabling. However, both network I/O virtualization aggregation and the increasing network speed incur higher traffic density, which generates a heavy system stress for I/O data moving and I/O event processing. Consequently, many researchers have dedicated to enhancing the system performance and alleviating the system overhead for high performance networking virtualizatiou. This paper first elaborates the mainstreaming I/O virtualization methodologies, including device emulation, split-driver model and hardware assisted model. Then, the paper discusses and compares their specific advantages in addition to performance bottlenecks in practical utilities. This paper mainly focuses on the comprehensive survey of state- of-the-art approaches for performance optimizations and improvements as well as the portability management for network I/O virtualization. The approaches include various novel data delivery schemes, overhead mitigations for interrupt processing and adequate resource allocations for dynamic network states. Finally, we highlight the diversity of I/O virtualization besides the performance improvements in network virtualization infrastructure.展开更多
Static cache partitioning can reduce inter- application cache interference and improve the composite performance of a cache-polluted application and a cache- sensitive application when they run on cores that share the...Static cache partitioning can reduce inter- application cache interference and improve the composite performance of a cache-polluted application and a cache- sensitive application when they run on cores that share the last level cache in the same multi-core processor. In a virtu- alized system, since different applications might run on dif- ferent virtual machines (VMs) in different time, it is inappli- cable to partition the cache statically in advance. This paper proposes a dynamic cache partitioning scheme that makes use of hot page detection and page migration to improve the com- posite performance of co-hosted virtual machines dynami- cally according to prior knowledge of cache-sensitive appli- cations. Experimental results show that the overhead of our page migration scheme is low, while in most cases, the com- posite performance is an improvement over free composition.展开更多
基金Supported by the National Program on Key Basic Re-search Project of China (G1999035801)
文摘With analysis of limitations Trusted Computing Group (TCG) has encountered, we argued that virtual machine monitor (VMM) is the appropriate architecture for implementing TCG specification. Putting together the VMM architecture, TCG hardware and application-oriented "thin" virtual machine (VM), Trusted VMM-based security architecture is present in this paper with the character of reduced and distributed trusted computing base (TCB). It provides isolation and integrity guarantees based on which general security requirements can be satisfied.
基金Supported by National 242 Plan Project(2005C48)the Technology Innovation Programme Major Projects of Beijing Institute of Technology(2011CX01015)
文摘Three kinds of vulnerabilities that may exist in some of current virtualization-based security monitoring systems were proposed: page mapping problem,lack of overall protection,and inherent limitations. Aiming at these vulnerabilities,relative attack methods were presented in detail. Our experiments show that the attack methods,such as page mapping attack,data attack,and non-behavior detection attack,can attack simulated or original security monitors successfully. Defenders,who need to effectively strengthen their security monitors,can get an inspiration from these attack methods and find some appropriate solutions.
文摘Virtual machine monitors (VMMs) play a central role in cloud computing. Their reliability and availability are critical for cloud computing. Virtualization and device emu- lation make the VMM code base large and the interface be- tween OS and VMM complex. This results in a code base that is very hard to verify the security of the VMM. For exam- ple, a misuse of a VMM hyper-call by a malicious guest OS can corrupt the whole VMM. The complexity of the VMM also makes it hard to formally verify the correctness of the system's behavior. In this paper a new VMM, operating sys- tem virtualization (OSV), is proposed. The multiprocessor boot interface and memory configuration interface are virtu- alized in OSV at boot time in the Linux kernel. After booting, only inter-processor interrupt operations are intercepted by OSV, which makes the interface between OSV and OS sim- ple. The interface is verified using formal model checking, which ensures a malicious OS cannot attack OSV through the interface. Currently, OSV is implemented based on the AMD Opteron multi-core server architecture. Evaluation re- sults show that Linux running on OSV has a similar perfor- mance to native Linux. OSV has a performance improvement of 4%-13% over Xen.
基金National High Technical Research and Development Program of China(863 Program)under Grant No. 2008AA01Z414
文摘Security tools are rapidly developed as network security threat is becoming more and more serious.To overcome the fundamental limitation of traditional host-based anti-malware system which is likely to be deceived and attacked by malicious codes,VMM-based anti-malware systems have recently become a hot research field.In this article,the existing malware hiding technique is analyzed,and a detecting model for hidden process based on "In-VM" idea is also proposed.Based on this detecting model,a hidden process detection technology which is based on HOOK SwapContext on the VMM platform is also implemented successfully.This technology can guarantee the detecting method not to be attacked by malwares and also resist all the current process hiding technologies.In order to detect the malwares which use remote injection method to hide themselves,a method by hijacking sysenter instruction is also proposed.Experiments show that the proposed methods guarantee the isolation of virtual machines,can detect all malware samples,and just bring little performance loss.
文摘With the capability of the virtual machine monitor, a novel approach for logging system activities is designed. In the design, the guest operating system runs on the virtual machine monitor as non-privileged mode. The redirecting and monitoring modules are added into the virtual machine monitor. When a guest application is calling a system call, it is trapped and redirected from the least privileged level into the virtual machine monitor running in the most privileged level. After logging is finished. it returns to the guest operating system running in the more privileged level and starts the system call. Compared with the traditional methods for logging system activities, the novel method makes it more difficult to destroy or tamper the logs. The preliminary evaluation shows that the prototype is simple and efficient.
基金This work was supported by the National High Technology Research and Development 863 Program of China under Grant No. 2012AA010905, the National Natural Science Foundation of China under Grant Nos. 61272100 and 61202374, the Ministry of Education Major Project of China under Grant No. 313035, and the National Research Foundation (NRF) Singapore under its CREATE Program.
文摘The increasing requirements of intensive interoperaterbility among the distributed nodes desiderate the high performance network connections, owing to the substantial growth of cloud computing and datacenters. Network I/O virtualization aggregates the network resource and separates it into manageable parts for particular servers or devices, which provides effective consolidation and elastic management with high agility, flexibility and scalability as well as reduced cost and cabling. However, both network I/O virtualization aggregation and the increasing network speed incur higher traffic density, which generates a heavy system stress for I/O data moving and I/O event processing. Consequently, many researchers have dedicated to enhancing the system performance and alleviating the system overhead for high performance networking virtualizatiou. This paper first elaborates the mainstreaming I/O virtualization methodologies, including device emulation, split-driver model and hardware assisted model. Then, the paper discusses and compares their specific advantages in addition to performance bottlenecks in practical utilities. This paper mainly focuses on the comprehensive survey of state- of-the-art approaches for performance optimizations and improvements as well as the portability management for network I/O virtualization. The approaches include various novel data delivery schemes, overhead mitigations for interrupt processing and adequate resource allocations for dynamic network states. Finally, we highlight the diversity of I/O virtualization besides the performance improvements in network virtualization infrastructure.
文摘Static cache partitioning can reduce inter- application cache interference and improve the composite performance of a cache-polluted application and a cache- sensitive application when they run on cores that share the last level cache in the same multi-core processor. In a virtu- alized system, since different applications might run on dif- ferent virtual machines (VMs) in different time, it is inappli- cable to partition the cache statically in advance. This paper proposes a dynamic cache partitioning scheme that makes use of hot page detection and page migration to improve the com- posite performance of co-hosted virtual machines dynami- cally according to prior knowledge of cache-sensitive appli- cations. Experimental results show that the overhead of our page migration scheme is low, while in most cases, the com- posite performance is an improvement over free composition.
