中国科学院软件研究所机构知识库
Advanced  
ISCAS OpenIR  > 软件所图书馆  > 会议论文
Title:
HyperVerify: A VM-assisted Architecture for Monitoring Hypervisor Non-control Data
Author: Ding, Baozeng ; He, Yeping ; Wu, Yanjun ; Lin, Yuqi
Conference Name: 7th IEEE International Conference on Software Security and Reliability (SERE)
Conference Date: JUN 18-20, 2013
Issued Date: 2013
Conference Place: Gaithersburg, MD
Keyword: virtualization ; hypervisor introspection ; non-control data
Publish Place: IEEE COMPUTER SOC
Indexed Type: CPCI
ISBN: 978-0-7695-5030-5
Department: [Ding, Baozeng; He, Yeping; Wu, Yanjun; Lin, Yuqi] Chinese Acad Sci, Inst Software, Beijing 100864, Peoples R China.
Abstract: Continuing bug reports and exploits in hypervisors indicate that hypervisors face similar integrity threats as tradition software. Previous approaches to protect a hypervisor that utilize hardware features are not easy to be extended. Besides, they mainly focus on code or control data integrity, without pay much attention to protecting non-control data. In this paper, we present HyperVerify, a novel architecture to monitor hypervisor non-control data using a trusted VM. Since a VM cannot directly access a hypervisor's memory, HyperVerify programs a popular device driver to read the hypervisor's hardware state in the trusted VM. Then a memory analysis library is used to translate the low-level hardware state into the high level hypervisor context. Several monitoring processes use such context to monitor hypervisor non-control data integrity. Each of the processes is responsible for monitoring one kind of non-control data. It is flexible for HyperVerify to support monitoring new kinds of data structure. The experimental evaluation of our prototype shows that HyperVerify incurs at most 4% performance overhead to end users.
English Abstract: Continuing bug reports and exploits in hypervisors indicate that hypervisors face similar integrity threats as tradition software. Previous approaches to protect a hypervisor that utilize hardware features are not easy to be extended. Besides, they mainly focus on code or control data integrity, without pay much attention to protecting non-control data. In this paper, we present HyperVerify, a novel architecture to monitor hypervisor non-control data using a trusted VM. Since a VM cannot directly access a hypervisor's memory, HyperVerify programs a popular device driver to read the hypervisor's hardware state in the trusted VM. Then a memory analysis library is used to translate the low-level hardware state into the high level hypervisor context. Several monitoring processes use such context to monitor hypervisor non-control data integrity. Each of the processes is responsible for monitoring one kind of non-control data. It is flexible for HyperVerify to support monitoring new kinds of data structure. The experimental evaluation of our prototype shows that HyperVerify incurs at most 4% performance overhead to end users.
Language: 英语
Content Type: 会议论文
URI: http://ir.iscas.ac.cn/handle/311060/16531
Appears in Collections:软件所图书馆_会议论文

Files in This Item:

There are no files associated with this item.


Recommended Citation:
Ding, Baozeng,He, Yeping,Wu, Yanjun,et al. HyperVerify: A VM-assisted Architecture for Monitoring Hypervisor Non-control Data[C]. 见:7th IEEE International Conference on Software Security and Reliability (SERE). Gaithersburg, MD. JUN 18-20, 2013.
Service
Recommend this item
Sava as my favorate item
Show this item's statistics
Export Endnote File
Google Scholar
Similar articles in Google Scholar
[Ding, Baozeng]'s Articles
[He, Yeping]'s Articles
[Wu, Yanjun]'s Articles
CSDL cross search
Similar articles in CSDL Cross Search
[Ding, Baozeng]‘s Articles
[He, Yeping]‘s Articles
[Wu, Yanjun]‘s Articles
Related Copyright Policies
Null
Social Bookmarking
Add to CiteULike Add to Connotea Add to Del.icio.us Add to Digg Add to Reddit
所有评论 (0)
暂无评论
 
评注功能仅针对注册用户开放,请您登录
您对该条目有什么异议,请填写以下表单,管理员会尽快联系您。
内 容:
Email:  *
单位:
验证码:   刷新
您在IR的使用过程中有什么好的想法或者建议可以反馈给我们。
标 题:
 *
内 容:
Email:  *
验证码:   刷新

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 

Valid XHTML 1.0!
Copyright © 2007-2019  中国科学院软件研究所 - Feedback
Powered by CSpace