Systemic threats to hypervisor non-control data

ISCAS OpenIR

	Systemic threats to hypervisor non-control data
	Ding, Baozeng; He, Yeping; Wu, Yanjun; Yu, Jiageng
	2013
Source	IET INFORMATION SECURITY
ISSN	1751-8709
Volume	7 Issue:4 Pages:349-354
English Abstract	Hypervisors are becoming a widespread virtualisation layer in current computer systems. Recent successful attacks against hypervisors indicate that they face the similar integrity threats as traditional operating systems. Current approaches that secure hypervisors mainly focus on code or control-data integrity, without paying attention to non-control data integrity. In this study the authors construct attacks that target hypervisor non-control data to demonstrate which types of data within the Xen hypervisor are critical to system security. It shows privilege, resource utilisation and security policy related data are vulnerable to return-oriented programming or DMA attacks. By modifying their values from one to another, the whole system's performance will be affected. By discussing current approaches that secure hypervisors, which are not suitable for non-control data, the work is to motivate new innovation in this area to protect them.; Hypervisors are becoming a widespread virtualisation layer in current computer systems. Recent successful attacks against hypervisors indicate that they face the similar integrity threats as traditional operating systems. Current approaches that secure hypervisors mainly focus on code or control-data integrity, without paying attention to non-control data integrity. In this study the authors construct attacks that target hypervisor non-control data to demonstrate which types of data within the Xen hypervisor are critical to system security. It shows privilege, resource utilisation and security policy related data are vulnerable to return-oriented programming or DMA attacks. By modifying their values from one to another, the whole system's performance will be affected. By discussing current approaches that secure hypervisors, which are not suitable for non-control data, the work is to motivate new innovation in this area to protect them.
Indexed Type	SCI
Keyword	Data Integrity Security Of Data Virtualisation Systemic Threats Hypervisor Noncontrol Data Virtualisation Layer Computer Systems Secure Hypervisors Data Integrity Xen Hypervisor System Security Return-oriented Programming Dma Attacks
Department	[Ding, Baozeng; He, Yeping; Wu, Yanjun; Yu, Jiageng] Chinese Acad Sci, Inst Software, Natl Engn Res Ctr Fundamental Software, Beijing 100190, Peoples R China. [Ding, Baozeng; Yu, Jiageng] Chinese Acad Sci, Grad Univ, Beijing 100049, Peoples R China.
Language	英语
WOS ID	WOS:000328457400012
Citation statistics	Cited Times:8[WOS] [WOS Record] [Related Records in WOS]
Content Type	期刊论文
URI	http://ir.iscas.ac.cn/handle/311060/16896
Collection	中国科学院软件研究所
Recommended Citation GB/T 7714	Ding, Baozeng,He, Yeping,Wu, Yanjun,et al. Systemic threats to hypervisor non-control data[J]. IET INFORMATION SECURITY,2013,7(4):349-354.
APA	Ding, Baozeng,He, Yeping,Wu, Yanjun,&Yu, Jiageng.(2013).Systemic threats to hypervisor non-control data.IET INFORMATION SECURITY,7(4),349-354.
MLA	Ding, Baozeng,et al."Systemic threats to hypervisor non-control data".IET INFORMATION SECURITY 7.4(2013):349-354.

Files in This Item:
There are no files associated with this item.

If you have any objections to this item, please fill out the form below and the administrator will contact you as soon as possible.
Content:
Email：	*
Institution:
Verification Code:	Refresh

Any comments and suggestions are welcomed.
Title:	*
Content:
Email：	*
Verification Code:	Refresh

中国科学院软件研究所机构知识库