HyperForce: Hypervisor-enForced Execution of Security-Critical Code

Abstract : The sustained popularity of the cloud and cloud-related services accelerate the evolution of virtualization-enabling technologies. Modern off-the-shelf computers are already equipped with specialized hardware that enables a hypervisor to manage the simultaneous execution of multiple operating systems. Researchers have proposed security mechanisms that operate within such a hypervisor to protect the virtualized operating systems from attacks. These mechanisms improve in security over previous techniques since the defense system is no longer part of an operating system’s attack surface. However, due to constant transitions between the hypervisor and the operating systems, these countermeasures typically incur a significant performance overhead.In this paper we present HyperForce, a framework which allows the deployment of security-critical code in a way that significantly outperforms previous in-hypervisor systems while maintaining similar guarantees with respect to security and integrity. HyperForce is a hybrid system which combines the performance of an in-guest security mechanism with the security of in-hypervisor one. We evaluate our framework by using it to re-implement an invariance-based rootkit detection system and show the performance benefits of a HyperForce-utilizing countermeasure.
Type de document :
Communication dans un congrès
Dimitris Gritzalis; Steven Furnell; Marianthi Theoharidou. 27th Information Security and Privacy Conference (SEC), Jun 2012, Heraklion, Crete, Greece. Springer, IFIP Advances in Information and Communication Technology, AICT-376, pp.126-137, 2012, Information Security and Privacy Research. 〈10.1007/978-3-642-30436-1_11〉
Liste complète des métadonnées

Littérature citée [19 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01518236
Contributeur : Hal Ifip <>
Soumis le : jeudi 4 mai 2017 - 13:45:30
Dernière modification le : jeudi 4 mai 2017 - 14:53:54
Document(s) archivé(s) le : samedi 5 août 2017 - 13:30:55

Fichier

978-3-642-30436-1_11_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Francesco Gadaleta, Nick Nikiforakis, Jan Mühlberg, Wouter Joosen. HyperForce: Hypervisor-enForced Execution of Security-Critical Code. Dimitris Gritzalis; Steven Furnell; Marianthi Theoharidou. 27th Information Security and Privacy Conference (SEC), Jun 2012, Heraklion, Crete, Greece. Springer, IFIP Advances in Information and Communication Technology, AICT-376, pp.126-137, 2012, Information Security and Privacy Research. 〈10.1007/978-3-642-30436-1_11〉. 〈hal-01518236〉

Partager

Métriques

Consultations de la notice

288

Téléchargements de fichiers

49