Scotch: Combining Software Guard Extensions and System Management Mode to Monitor Cloud Resource Usage
|
|
|
- Caren Strickland
- 6 years ago
- Views:
Transcription
1 Scotch: Combining Software Guard Extensions and System Management Mode to Monitor Cloud Resource Usage Kevin Leach 1, Fengwei Zhang 2, and Westley Weimer 1 1 University of Michigan, 2 Wayne State University Leach, Zhang, & Weimer 1 / 19
2 Summary We use Intel Software Guard Extensions (SGX) and System Management Mode (SMM) to accurately monitor resource consumption of virtual machines (VMs) in the presence of a compromised VM or hypervisor Leach, Zhang, & Weimer 2 / 19
3 Motivation Multi-tenant cloud computing increases utilization Client agrees to pay Cloud provider for a particular service level e.g., $1 per hour of CPU time Leach, Zhang, & Weimer 3 / 19
4 Motivation Multi-tenant cloud computing increases utilization Client agrees to pay Cloud provider for a particular service level e.g., $1 per hour of CPU time Cloud provider depends on hypervisor/virtual machine monitor (VMM) platform to distribute resources Xen, QEMU, etc. Cloud VMM VM 1 VM 2 VM 3 Leach, Zhang, & Weimer 3 / 19
5 Motivation Multi-tenant cloud computing increases utilization Client agrees to pay Cloud provider for a particular service level e.g., $1 per hour of CPU time Cloud provider depends on hypervisor/virtual machine monitor (VMM) platform to distribute resources Xen, QEMU, etc. 1 Cloud VMM 1 3 CPU 3 CPU 3 CPU VM 1 VM 2 VM 3 If all 3 VMs peg the CPU, the VMM must decide how to allocate CPU time based on each client s service level. Leach, Zhang, & Weimer 3 / 19 1
6 Motivation Cloud provider depends on VMM platform to distribute resources Leach, Zhang, & Weimer 4 / 19
7 Motivation Cloud provider depends on VMM platform to distribute resources Two issues Leach, Zhang, & Weimer 4 / 19
8 Motivation Cloud provider depends on VMM platform to distribute resources Two issues 1. What if the VMM/cloud provider is malicious? Manipulate resource consumption to bill customers more Leach, Zhang, & Weimer 4 / 19
9 Motivation Cloud provider depends on VMM platform to distribute resources Two issues 1. What if the VMM/cloud provider is malicious? Manipulate resource consumption to bill customers more 2. What if the VMM is vulnerable to malicious VMs? Malicious VM manipulates resource consumption to steal resources from benign customers Leach, Zhang, & Weimer 4 / 19
10 Resource Accounting Attacks Benign Behavior VMM decides to bill a guest: ms 30ms 60ms 90ms 120ms 150ms 180ms CPU time The Xen hypervisor regularly checks which VM is active to determine how much CPU time each VM uses Leach, Zhang, & Weimer 5 / 19
11 Resource Accounting Attacks Malicious Behavior VMM decides to bill a guest: ms 30ms 60ms 90ms 120ms 150ms 180ms CPU time A malicious VM (2) with knowledge of the VMM can affect the appearance of resource consumption by itself and benign VMs. Leach, Zhang, & Weimer 6 / 19
12 Resource Interference Attacks Attacker can take advantage of known victim behavior Malicious VM Flood HTTP server Victim VM (webserver) Free CPU cycles Thrash from I/O Malicious VM can cause benign VM to free up resources for itself Leach, Zhang, & Weimer 7 / 19
13 VM Escape Attack Malicious VM can exploit buggy VMM implementation, allowing code execution with VMM privilege Could potentially alter resource consumption to hide itself Leach, Zhang, & Weimer 8 / 19
14 Scotch: Transparent Cloud Resource Accounting Two desired properties 1. Transparent The underlying VMM and VMs are not aware accounting occurs 2. Tamper-resistant A malicious VMM or VM guest cannot reliably alter accounting data Leach, Zhang, & Weimer 9 / 19
15 Insights for Scotch System Management Mode High priority System Management Interrupt causes CPU to atomically execute SMM handler code Leach, Zhang, & Weimer 10 / 19
16 Insights for Scotch System Management Mode High priority System Management Interrupt causes CPU to atomically execute SMM handler code Use SMM to collect raw resource consumption data Leach, Zhang, & Weimer 10 / 19
17 Insights for Scotch System Management Mode High priority System Management Interrupt causes CPU to atomically execute SMM handler code Use SMM to collect raw resource consumption data SMM logically collects data, then relays it to SGX enclave Leach, Zhang, & Weimer 10 / 19
18 Insights for Scotch Software Guard Extensions Enclave-based trusted execution environment (TEE); userspace code runs in isolation Leach, Zhang, & Weimer 11 / 19
19 Insights for Scotch Software Guard Extensions Enclave-based trusted execution environment (TEE); userspace code runs in isolation Use SGX enclave so that benign user can monitor and verify their resource consumption Leach, Zhang, & Weimer 11 / 19
20 Insights for Scotch Software Guard Extensions Enclave-based trusted execution environment (TEE); userspace code runs in isolation Use SGX enclave so that benign user can monitor and verify their resource consumption Raw data collected by SMM is relayed to SGX enclave Leach, Zhang, & Weimer 11 / 19
21 Scotch: Transparent Cloud Resource Accounting Protected System 2 1 VMM (e.g., Xen) VM1 VM2 VM3 4 SGX Enclave SGX Enclave VM1 data VM2 data VM3 data True timer 3 SMI Handler Data 5 1. VMM decides to switch between VM guests Leach, Zhang, & Weimer 12 / 19
22 Scotch: Transparent Cloud Resource Accounting Protected System 2 1 VMM (e.g., Xen) VM1 VM2 VM3 4 SGX Enclave SGX Enclave VM1 data VM2 data VM3 data True timer 3 SMI Handler Data 5 2. Scotch measures resource consumption by invoking SMM every context switch Leach, Zhang, & Weimer 12 / 19
23 Scotch: Transparent Cloud Resource Accounting Protected System 2 1 VMM (e.g., Xen) VM1 VM2 VM3 4 SGX Enclave SGX Enclave VM1 data VM2 data VM3 data True timer 3 SMI Handler Data 5 3. SMM handler executes resource accounting in isolation Leach, Zhang, & Weimer 12 / 19
24 Scotch: Transparent Cloud Resource Accounting Protected System 2 1 VMM (e.g., Xen) VM1 VM2 VM3 4 SGX Enclave SGX Enclave VM1 data VM2 data VM3 data True timer 3 SMI Handler Data 5 4. Data is marshalled to SGX enclave within VM Leach, Zhang, & Weimer 12 / 19
25 Scotch: Transparent Cloud Resource Accounting Protected System 2 1 VMM (e.g., Xen) VM1 VM2 VM3 4 SGX Enclave SGX Enclave VM1 data VM2 data VM3 data True timer 3 SMI Handler Data 5 5. Benign VM can monitor resource accounting data with high integrity Leach, Zhang, & Weimer 12 / 19
26 Evaluation Research Questions RQ1: Can we maintain accurate accounting during scheduler attacks? RQ2: What is our overhead on benign workloads? RQ3: Can we maintain accurate accounting during resource interference attacks? RQ4: Can we maintain accurate accounting during VM escape attacks? Leach, Zhang, & Weimer 13 / 19
27 RQ1: Scheduler Attacks Implement controllable scheduler Simulate attacker by altering the CPU time allocation by a varying degree Leach, Zhang, & Weimer 14 / 19
28 RQ1: Scheduler Attacks Implement controllable scheduler Simulate attacker by altering the CPU time allocation by a varying degree Run two VMs, one simulated attacker and one benign Both are computing indicative workloads: pi, gzip, and the PARSEC benchmarks Leach, Zhang, & Weimer 14 / 19
29 RQ1: Scheduler Attacks Implement controllable scheduler Simulate attacker by altering the CPU time allocation by a varying degree Run two VMs, one simulated attacker and one benign Both are computing indicative workloads: pi, gzip, and the PARSEC benchmarks Compare observed CPU time consumption presented by Xen vs. Scotch Leach, Zhang, & Weimer 14 / 19
30 RQ1: Scheduler Attacks Implement controllable scheduler Simulate attacker by altering the CPU time allocation by a varying degree Run two VMs, one simulated attacker and one benign Both are computing indicative workloads: pi, gzip, and the PARSEC benchmarks Compare observed CPU time consumption presented by Xen vs. Scotch TL;DR Scotch shows significant difference in allocated CPU time Leach, Zhang, & Weimer 14 / 19
31 RQ1: Scheduler Attacks Table : Ratio of attacker VM CPU time to guest VM CPU time. Scheduler attack severity level Benign Scotch ground truth Leach, Zhang, & Weimer 15 / 19
32 RQ1: Scheduler Attacks Table : Ratio of attacker VM CPU time to guest VM CPU time. Scheduler attack severity level Benign Scotch ground truth The attacker receives disproportionate CPU time. Ground truth obtained with Xentrace. Leach, Zhang, & Weimer 15 / 19
33 RQ2: Overhead Invoking SMIs to run accounting code can be costly Leach, Zhang, & Weimer 16 / 19
34 RQ2: Overhead Invoking SMIs to run accounting code can be costly Accounting code takes 2248 ± 69 cycles to execute Roughly 1µs incurred every context switch Leach, Zhang, & Weimer 16 / 19
35 RQ2: Overhead Invoking SMIs to run accounting code can be costly Accounting code takes 2248 ± 69 cycles to execute Roughly 1µs incurred every context switch Xen takes roughly 20,000 cycles (7.1µs) per context switch Leach, Zhang, & Weimer 16 / 19
36 RQ2: Overhead Invoking SMIs to run accounting code can be costly Accounting code takes 2248 ± 69 cycles to execute Roughly 1µs incurred every context switch Xen takes roughly 20,000 cycles (7.1µs) per context switch Scotch adds 14% overhead per context switch Leach, Zhang, & Weimer 16 / 19
37 RQ2: Overhead Invoking SMIs to run accounting code can be costly Accounting code takes 2248 ± 69 cycles to execute Roughly 1µs incurred every context switch Xen takes roughly 20,000 cycles (7.1µs) per context switch Scotch adds 14% overhead per context switch.0033% system overhead on CPU-bound workloads Leach, Zhang, & Weimer 16 / 19
38 RQ3: Resource Interference Attacks By construction, Scotch provides accurate accounting information Leach, Zhang, & Weimer 17 / 19
39 RQ3: Resource Interference Attacks By construction, Scotch provides accurate accounting information Scotch does not automatically detect Resource Interference Attacks Leach, Zhang, & Weimer 17 / 19
40 RQ3: Resource Interference Attacks By construction, Scotch provides accurate accounting information Scotch does not automatically detect Resource Interference Attacks However, SGX allows userspace access to reliable accounting information Client can monitor their resource usage and perform their own analysis for their case Leach, Zhang, & Weimer 17 / 19
41 RQ4: VM Escape Attacks Accounting code stored in isolated SMRAM and SGX enclave Leach, Zhang, & Weimer 18 / 19
42 RQ4: VM Escape Attacks Accounting code stored in isolated SMRAM and SGX enclave Even if attacker roots hypervisor, they cannot change the accounting code Leach, Zhang, & Weimer 18 / 19
43 RQ4: VM Escape Attacks Accounting code stored in isolated SMRAM and SGX enclave Even if attacker roots hypervisor, they cannot change the accounting code BIOS locks SMRAM, so no opportunity for attacker to infiltrate SMM if BIOS is trusted Leach, Zhang, & Weimer 18 / 19
44 Conclusion Scotch is an SMM- and SGX-based framework for accurately accounting resource consumption in cloud infrastructure Leach, Zhang, & Weimer 19 / 19
45 Conclusion Scotch is an SMM- and SGX-based framework for accurately accounting resource consumption in cloud infrastructure Scotch accounts for resource usage every context switch, introducing minimal overhead on indicative workloads Leach, Zhang, & Weimer 19 / 19
46 Conclusion Scotch is an SMM- and SGX-based framework for accurately accounting resource consumption in cloud infrastructure Scotch accounts for resource usage every context switch, introducing minimal overhead on indicative workloads Scotch accurately accounts for CPU time consumption in the presence of scheduler attack Porting drivers to SMM would readily admit incorporating accounting for additional types of resources, such as network usage Leach, Zhang, & Weimer 19 / 19
47 Conclusion Scotch is an SMM- and SGX-based framework for accurately accounting resource consumption in cloud infrastructure Scotch accounts for resource usage every context switch, introducing minimal overhead on indicative workloads Scotch accurately accounts for CPU time consumption in the presence of scheduler attack Porting drivers to SMM would readily admit incorporating accounting for additional types of resources, such as network usage By construction, Scotch protects the hypervisor from VM escape and other control hijacking attacks Leach, Zhang, & Weimer 19 / 19
Scotch: Combining Software Guard Extensions and System Management Mode to Monitor Cloud Resource Usage
Scotch: Combining Software Guard Extensions and System Management Mode to Monitor Cloud Resource Usage Kevin Leach 1, Fengwei Zhang 2, and Westley Weimer 3 1 University of Virginia, Charlottesville, VA
A Comparison Study of Intel SGX and AMD Memory Encryption Technology
A Comparison Study of Intel SGX and AMD Memory Encryption Technology Saeid Mofrad, Fengwei Zhang Shiyong Lu Wayne State University {saeid.mofrad, Fengwei, Shiyong}@wayne.edu Weidong Shi (Larry) University
STM/PE & XHIM. Eugene D. Myers Trust Mechanisms Information Assurance Research NSA/CSS Research Directorate May 24, 2018
STM/PE & XHIM Eugene D. Myers Trust Mechanisms Information Assurance Research NSA/CSS Research Directorate May 24, 2018 Overview SMM STM STM/PE XHIM, an STM/PE application Future Plans System Management
Introduction to SGX (Software Guard Extensions) and SGX Virtualization. Kai Huang, Jun Nakajima (Speaker) July 12, 2017
Introduction to SGX (Software Guard Extensions) and SGX Virtualization Kai Huang, Jun Nakajima (Speaker) July 12, 2017 1 INTEL RESTRICTED SECRET Agenda SGX Introduction Xen SGX Virtualization Support Backup
CS-580K/480K Advanced Topics in Cloud Computing. VM Virtualization II
CS-580K/480K Advanced Topics in Cloud Computing VM Virtualization II 1 How to Build a Virtual Machine? 2 How to Run a Program Compiling Source Program Loading Instruction Instruction Instruction Instruction
SoK: A Study of Using Hardwareassisted. Environments for Security. Fengwei Zhang and Hongwei Zhang. Wayne State University Detroit, Michigan, USA
SoK: A Study of Using Hardwareassisted Isolated Execu
OS Security IV: Virtualization and Trusted Computing
1 OS Security IV: Virtualization and Trusted Computing Chengyu Song Slides modified from Dawn Song 2 Administrivia Lab2 More questions? 3 Virtual machine monitor +-----------+----------------+-------------+
Securing Cloud Computing
Securing Cloud Computing NLIT Summit, May 2018 PRESENTED BY Jeffrey E. Forster jeforst@sandia.gov Lucille Forster lforste@sandia.gov Sandia National Laboratories is a multimission laboratory managed and
Secure Containers with EPT Isolation
Secure Containers with EPT Isolation Chunyan Liu liuchunyan9@huawei.com Jixing Gu jixing.gu@intel.com Presenters Jixing Gu: Software Architect, from Intel CIG SW Team, working on secure container solution
Intel s Virtualization Extensions (VT-x) So you want to build a hypervisor?
Intel s Virtualization Extensions (VT-x) So you want to build a hypervisor? Mr. Jacob Torrey May 13, 2014 Dartmouth College 153 Brooks Road, Rome, NY 315.336.3306 http://ainfosec.com @JacobTorrey torreyj@ainfosec.com
MultiLanes: Providing Virtualized Storage for OS-level Virtualization on Many Cores
MultiLanes: Providing Virtualized Storage for OS-level Virtualization on Many Cores Junbin Kang, Benlong Zhang, Tianyu Wo, Chunming Hu, and Jinpeng Huai Beihang University 夏飞 20140904 1 Outline Background
Virtually Impossible
Virtually Impossible The Reality of Virtualization Security Gal Diskin / Chief Research Officer / Cyvera LTD. /WhoAmI? Chief Research Officer @ Cvyera LTD Formerly Security Evaluation Architect of the
SGX memory oversubscription
SGX memory oversubscription Somnath Chakrabarti, Rebekah Leslie-Hurd, Mona Vij, Frank McKeen, Carlos Rozas, Dror Caspi, llya Alexandrovich, Ittai Anati {somnath.chakrabarti, rebekah.leslie-hurd, mona.vij,
Tailoring TrustZone as SMM Equivalent
presented by Tailoring TrustZone as SMM Equivalent Tony C.S. Lo Senior Manager American Megatrends Inc. UEFI Plugfest March 2016 www.uefi.org 1 Agenda Introduction ARM TrustZone SMM-Like Services in TrustZone
Operating System Security
Operating System Security Operating Systems Defined Hardware: I/o...Memory.CPU Operating Systems: Windows or Android, etc Applications run on operating system Operating Systems Makes it easier to use resources.
Back To The Future: A Radical Insecure Design of KVM on ARM
Back To The Future: A Radical Insecure Design of KVM on ARM Abstract In ARM, there are certain instructions that generate exceptions. Such instructions are typically executed to request a service from
ReVirt: Enabling Intrusion Analysis through Virtual Machine Logging and Replay
ReVirt: Enabling Intrusion Analysis through Virtual Machine Logging and Replay Or We Can Remember It for You Wholesale (with apologies to Philip K. Dick) George Dunlap, Sam King, SukruCinar, MurtazaBasraiand
CIS 4360 Secure Computer Systems SGX
CIS 4360 Secure Computer Systems SGX Professor Qiang Zeng Spring 2017 Some slides are stolen from Intel docs Previous Class UEFI Secure Boot Windows s Trusted Boot Intel s Trusted Boot CIS 4360 Secure
Nested Virtualization and Server Consolidation
Nested Virtualization and Server Consolidation Vara Varavithya Department of Electrical Engineering, KMUTNB varavithya@gmail.com 1 Outline Virtualization & Background Nested Virtualization Hybrid-Nested
Virtualization. Pradipta De
Virtualization Pradipta De pradipta.de@sunykorea.ac.kr Today s Topic Virtualization Basics System Virtualization Techniques CSE506: Ext Filesystem 2 Virtualization? A virtual machine (VM) is an emulation
CSC 5930/9010 Cloud S & P: Virtualization
CSC 5930/9010 Cloud S & P: Virtualization Professor Henry Carter Fall 2016 Recap Network traffic can be encrypted at different layers depending on application needs TLS: transport layer IPsec: network
VT-d Posted Interrupts. Feng Wu, Jun Nakajima <Speaker> Intel Corporation
VT-d Posted Interrupts Feng Wu, Jun Nakajima Intel Corporation Agenda Motivation Difference btw CPU-based and VT-d Posted Interrupts Architecture Implementation Details Performance Summary 2
Virtual Machines Disco and Xen (Lecture 10, cs262a) Ion Stoica & Ali Ghodsi UC Berkeley February 26, 2018
Virtual Machines Disco and Xen (Lecture 10, cs262a) Ion Stoica & Ali Ghodsi UC Berkeley February 26, 2018 Today s Papers Disco: Running Commodity Operating Systems on Scalable Multiprocessors, Edouard
An Introduction to Platform Security
presented by An Introduction to Platform Security Spring 2018 UEFI Seminar and Plugfest March 26-30, 2018 Presented by Brent Holtsclaw and John Loucaides (Intel) Legal Notice No computer system can be
CSE543 - Computer and Network Security Module: Virtualization
CSE543 - Computer and Network Security Module: Virtualization Professor Trent Jaeger CSE543 - Introduction to Computer and Network Security 1 1 Operating System Quandary Q: What is the primary goal of
Chapter 5 C. Virtual machines
Chapter 5 C Virtual machines Virtual Machines Host computer emulates guest operating system and machine resources Improved isolation of multiple guests Avoids security and reliability problems Aids sharing
Who Watches the Watcher? Detecting Hypervisor Introspection from Unprivileged Guests
Tomasz Tuzel Who Watches the Watcher? Detecting Hypervisor Introspection from Unprivileged Guests Overview The Cloud Numerous organizations are moving en masse to the cloud It s easier to manage It s easier
Knut Omang Ifi/Oracle 20 Oct, Introduction to virtualization (Virtual machines) Aspects of network virtualization:
Software and hardware support for Network Virtualization part 2 Knut Omang Ifi/Oracle 20 Oct, 2015 32 Overview Introduction to virtualization (Virtual machines) Aspects of network virtualization: Virtual
HP Sure Start Gen3. Table of contents. Available on HP Elite products equipped with 7th generation Intel Core TM processors September 2017
Technical white paper Gen3 7th generation Intel Core TM processors September 2017 Table of contents 1 Gen3... 2 1.1 Background... 2 1.2 Gen3 overview... 2 1.3 Runtime Intrusion Detection (RTID)... 2 1.3.1
Intel Software Guard Extensions
Intel Software Guard Extensions Dr. Matthias Hahn, Intel Deutschland GmbH July 12 th 2017 cryptovision Mindshare, Gelsenkirchen Intel SGX Making Headlines Premium Content requiring Intel SGX on PC Intel
Cloud Computing Virtualization
Cloud Computing Virtualization Anil Madhavapeddy anil@recoil.org Contents Virtualization. Layering and virtualization. Virtual machine monitor. Virtual machine. x86 support for virtualization. Full and
Virtual Machine Monitors!
ISA 673 Operating Systems Security Virtual Machine Monitors! Angelos Stavrou, George Mason University! Virtual Machine Monitors 2! Virtual Machine Monitors (VMMs) are everywhere! Industry commitment! Software:
The Architecture of Virtual Machines Lecture for the Embedded Systems Course CSD, University of Crete (April 29, 2014)
The Architecture of Virtual Machines Lecture for the Embedded Systems Course CSD, University of Crete (April 29, 2014) ManolisMarazakis (maraz@ics.forth.gr) Institute of Computer Science (ICS) Foundation
Enhance your Cloud Security with AMD EPYC Hardware Memory Encryption
Enhance your Cloud Security with AMD EPYC Hardware Memory Encryption White Paper October, 2018 Introduction Consumers and enterprises are becoming increasingly concerned about the security of their digital
Distributed Systems COMP 212. Lecture 18 Othon Michail
Distributed Systems COMP 212 Lecture 18 Othon Michail Virtualisation & Cloud Computing 2/27 Protection rings It s all about protection rings in modern processors Hardware mechanism to protect data and
Varys. Protecting SGX Enclaves From Practical Side-Channel Attacks. Oleksii Oleksenko, Bohdan Trach. Mark Silberstein
Varys Protecting SGX Enclaves From Practical Side-Channel Attacks Oleksii Oleksenko, Bohdan Trach Robert Krahn, Andre Martin, Christof Fetzer Mark Silberstein Key issue of the cloud: We cannot trust it
The Challenges of X86 Hardware Virtualization. GCC- Virtualization: Rajeev Wankar 36
The Challenges of X86 Hardware Virtualization GCC- Virtualization: Rajeev Wankar 36 The Challenges of X86 Hardware Virtualization X86 operating systems are designed to run directly on the bare-metal hardware,
Research and Design of Crypto Card Virtualization Framework Lei SUN, Ze-wu WANG and Rui-chen SUN
2016 International Conference on Wireless Communication and Network Engineering (WCNE 2016) ISBN: 978-1-60595-403-5 Research and Design of Crypto Card Virtualization Framework Lei SUN, Ze-wu WANG and Rui-chen
CSE 120 Principles of Operating Systems
CSE 120 Principles of Operating Systems Spring 2018 Lecture 16: Virtual Machine Monitors Geoffrey M. Voelker Virtual Machine Monitors 2 Virtual Machine Monitors Virtual Machine Monitors (VMMs) are a hot
Virtual Machine Security
Virtual Machine Security CSE443 - Spring 2012 Introduction to Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse443-s12/ 1 Operating System Quandary Q: What is the primary goal
CS 350 Winter 2011 Current Topics: Virtual Machines + Solid State Drives
CS 350 Winter 2011 Current Topics: Virtual Machines + Solid State Drives Virtual Machines Resource Virtualization Separating the abstract view of computing resources from the implementation of these resources
VIRTUALIZATION technologies have become the de facto
332 IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, VOL. 11, NO. 4, JULY/AUGUST 2014 HyperCheck: A Hardware-Assisted Integrity Monitor Fengwei Zhang, Jiang Wang, Kun Sun, and Angelos Stavrou Abstract
Advanced Operating Systems (CS 202) Virtualization
Advanced Operating Systems (CS 202) Virtualization Virtualization One of the natural consequences of the extensibility research we discussed What is virtualization and what are the benefits? 2 Virtualization
Project CIP Modifications
Project 2016-02 CIP Modifications Webinar on Standard Drafting Team Considerations for the Use of Virtualization in the CIP Environment April 18, 2017 Administrative Items NERC Antitrust Guidelines It
Virtualization. Michael Tsai 2018/4/16
Virtualization Michael Tsai 2018/4/16 What is virtualization? Let s first look at a video from VMware http://www.vmware.com/tw/products/vsphere.html Problems? Low utilization Different needs DNS DHCP Web
CS 550 Operating Systems Spring Introduction to Virtual Machines
CS 550 Operating Systems Spring 2018 Introduction to Virtual Machines 1 How to share a physical computer Operating systems allows multiple processes/applications to run simultaneously Via process/memory
Cauldron: A Framework to Defend Against Cache-based Side-channel Attacks in Clouds
Cauldron: A Framework to Defend Against Cache-based Side-channel Attacks in Clouds Mohammad Ahmad, Read Sprabery, Konstantin Evchenko, Abhilash Raj, Dr. Rakesh Bobba, Dr. Sibin Mohan, Dr. Roy Campbell
From bottom to top: Exploiting hardware side channels in web browsers
From bottom to top: Exploiting hardware side channels in web browsers Clémentine Maurice, Graz University of Technology July 4, 2017 RMLL, Saint-Étienne, France Rennes Graz Clémentine Maurice PhD since
CSE543 - Computer and Network Security Module: Virtualization
CSE543 - Computer and Network Security Module: Virtualization Professor Trent Jaeger CSE543 - Introduction to Computer and Network Security 1 Operating System Quandary Q: What is the primary goal of system
Problem System administration tasks on a VM from the outside, e.g., issue administrative commands such as hostname and rmmod. One step ahead tradition
EXTERIOR: Using a Dual-VM Based External Shell for Guest-OS Introspection, Configuration, and Recovery ACM VEE 13 Problem System administration tasks on a VM from the outside, e.g., issue administrative
Micro VMMs and Nested Virtualization
Micro VMMs and Nested Virtualization For the TCE 4th summer school on computer security, big data and innovation Baruch Chaikin, Intel 9 September 2015 Agenda Virtualization Basics The Micro VMM Nested
SGX Security Background. Masab Ahmad Department of Electrical and Computer Engineering University of Connecticut
SGX Security Background Masab Ahmad masab.ahmad@uconn.edu Department of Electrical and Computer Engineering University of Connecticut 1 Security Background Outline Cryptographic Primitives Cryptographic
Virtual Machines. Jinkyu Jeong Computer Systems Laboratory Sungkyunkwan University
Virtual Machines Jinkyu Jeong (jinkyu@skku.edu) Computer Systems Laboratory Sungkyunkwan University http://csl.skku.edu Today's Topics History and benefits of virtual machines Virtual machine technologies
Operating system hardening
Operating system Comp Sci 3600 Security Outline 1 2 3 4 5 6 What is OS? Hardening process that includes planning, ation, uration, update, and maintenance of the operating system and the key applications
Virtualisation on Mobile Devices {Hugo Marques, Nuno Conceição, Luis Pereira}
Virtualisation on Mobile Devices {Hugo Marques, Nuno Conceição, Luis Pereira} Security Approaches for the Mobile Platform In a nutshell (Mobi)Trust is the...expectation that a device will behave in a particular
Intel s s Security Vision for Xen
Intel s s Security Vision for Xen Carlos Rozas Intel Corporation Xen Summit April 7-8, 7 2005 INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. EXCEPT AS PROVIDED IN INTEL'S TERMS
Implications of Cache Asymmetry on Server Consolidation Performance
Implications of ache Asymmetry on Server onsolidation Performance Presenter: Omesh Tickoo Padma Apparao, Ravi Iyer, Don Newell *Hardware Architecture Lab Intel orporation IISW 2008 1 Outline Server onsolidation
Meltdown and Spectre - understanding and mitigating the threats
Meltdown and Spectre - understanding and mitigating the threats Gratuitous vulnerability logos Jake Williams @MalwareJake SANS / Rendition Infosec sans.org / rsec.us @RenditionSec The sky isn t falling!
Hypervisor security. Evgeny Yakovlev, DEFCON NN, 2017
Hypervisor security Evgeny Yakovlev, DEFCON NN, 2017 whoami Low-level development in C and C++ on x86 UEFI, virtualization, security Jetico, Kaspersky Lab QEMU/KVM developer at Virtuozzo 2 Agenda Why hypervisor
Scalable Architectural Support for Trusted Software
Scalable Architectural Support for Trusted Software David Champagne and Ruby B. Lee Princeton University Secure Processor Design 11/02/2017 Dimitrios Skarlatos Motivation Apps handle sensitive/secret information
Locking Down the Processor via the Rowhammer Attack
SGX-BOMB: Locking Down the Processor via the Rowhammer Attack Yeongjin Jang*, Jaehyuk Lee, Sangho Lee, and Taesoo Kim Oregon State University* KAIST Georgia Institute of Technology TL;DR SGX locks up the
Deconstructing Xen. Lei Shi, Yuming Wu, Yubin Xia, Nathan Dautenhahn, Haibo Chen, Binyu Zang, Haibing Guan, Jinming Li
Deconstructing Xen Lei Shi, Yuming Wu, Yubin Xia, Nathan Dautenhahn, Haibo Chen, Binyu Zang, Haibing Guan, Jinming Li Shanghai Key Laboratory of Scalable Computing and Systems, Shanghai Jiao Tong University
Monitoring Hypervisor Integrity at Runtime. Student: Cuong Pham PIs: Prof. Zbigniew Kalbarczyk, Prof. Ravi K. Iyer ACC Meeting, Oct 2015
Monitoring Hypervisor Integrity at Runtime Student: Cuong Pham PIs: Prof. Zbigniew Kalbarczyk, Prof. Ravi K. Iyer ACC Meeting, Oct 2015 Motivation - Server Virtualization Trend x86 servers were virtualized
T-SGX: Eradicating Controlled-Channel
T-SGX: Eradicating Controlled-Channel Attacks Against Enclave Programs Ming-Wei Shih Sangho Lee Taesoo Kim Marcus Peinado Georgia Institute of Technology Microsoft Research 2 3 Intel SGX aims to secure
COMPUTER ARCHITECTURE. Virtualization and Memory Hierarchy
COMPUTER ARCHITECTURE Virtualization and Memory Hierarchy 2 Contents Virtual memory. Policies and strategies. Page tables. Virtual machines. Requirements of virtual machines and ISA support. Virtual machines:
Copyright
1 Security Test EXTRA Workshop : ANSWER THESE QUESTIONS 1. What do you consider to be the biggest security issues with mobile phones? 2. How seriously are consumers and companies taking these threats?
Mitigating Exploits, Rootkits and Advanced Persistent Threats
Mitigating Exploits, Rootkits and Advanced Persistent Threats David Durham, Senior Principal Engineer Intel Corporation Hot Chips Tutorial 1 Hot Chips 2014 Tutorial Agenda Problem Better Protection Solid
Intel VMX technology
Intel VMX technology G. Lettieri 28 Oct. 2015 1 The Virtual Machine Monitor In the context of hardware-assisted virtualization, it is very common to introduce the concept of a Virtual Machine Monitor (VMM).
CSE543 - Computer and Network Security Module: Virtualization
CSE543 - Computer and Network Security Module: Virtualization Professor Trent Jaeger CSE543 - Introduction to Computer and Network Security 1 Operating System Quandary Q: What is the primary goal of system
Extended Page Tables (EPT) A VMM must protect host physical memory Multiple guest operating systems share the same host physical memory VMM typically implements protections through page-table shadowing
Meltdown and Spectre - understanding and mitigating the threats (Part Deux)
Meltdown and Spectre - understanding and mitigating the threats (Part Deux) Gratuitous vulnerability logos Jake Williams @MalwareJake SANS / Rendition Infosec sans.org / rsec.us @SANSInstitute / @RenditionSec
SentinelOne Technical Brief
SentinelOne Technical Brief SentinelOne unifies prevention, detection and response in a fundamentally new approach to endpoint protection, driven by behavior-based threat detection and intelligent automation.
Increasing Cloud Power Efficiency through Consolidation Techniques
Increasing Cloud Power Efficiency through Consolidation Techniques Antonio Corradi, Mario Fanelli, Luca Foschini Dipartimento di Elettronica, Informatica e Sistemistica (DEIS) University of Bologna, Italy
Computer Architecture Background
CSE 5095 & ECE 4451 & ECE 5451 Spring 2017 Lecture 2b Computer Architecture Background Marten van Dijk Syed Kamran Haider, Chenglu Jin, Phuong Ha Nguyen Department of Electrical & Computer Engineering
Spring 2017 :: CSE 506. Introduction to. Virtual Machines. Nima Honarmand
Introduction to Virtual Machines Nima Honarmand Virtual Machines & Hypervisors Virtual Machine: an abstraction of a complete compute environment through the combined virtualization of the processor, memory,
CSE Computer Security
CSE 543 - Computer Security Lecture 25 - Virtual machine security December 6, 2007 URL: http://www.cse.psu.edu/~tjaeger/cse543-f07/ 1 Implementation and Results Experimental Platform Exact specification
ViryaOS RFC: Secure Containers for Embedded and IoT. A proposal for a new Xen Project sub-project
ViryaOS RFC: Secure Containers for Embedded and IoT A proposal for a new Xen Project sub-project Stefano Stabellini @stabellinist The problem Package applications for the target Contain all dependencies
DISTRIBUTED SYSTEMS Principles and Paradigms Second Edition ANDREW S. TANENBAUM MAARTEN VAN STEEN. Chapter 3 Processes
DISTRIBUTED SYSTEMS Principles and Paradigms Second Edition ANDREW S. TANENBAUM MAARTEN VAN STEEN Chapter 3 Processes Context Switching Processor context: The minimal collection of values stored in the
Intel SGX Virtualization
Sean Christopherson Intel Intel SGX Virtualization KVM Forum 2018 Traditional VM Landscape App s secrets accessible by any privileged entity, e.g. VMM and OS App App App or a malicious app that has exploited
Racing in Hyperspace: Closing Hyper-Threading Side Channels on SGX with Contrived Data Races. CS 563 Young Li 10/31/18
Racing in Hyperspace: Closing Hyper-Threading Side Channels on SGX with Contrived Data Races CS 563 Young Li 10/31/18 Intel Software Guard extensions (SGX) and Hyper-Threading What is Intel SGX? Set of
SCONE: Secure Linux Container Environments with Intel SGX
SCONE: Secure Linux Container Environments with Intel SGX S. Arnautov, B. Trach, F. Gregor, Thomas Knauth, and A. Martin, Technische Universität Dresden; C. Priebe, J. Lind, D. Muthukumaran, D. O'Keeffe,
MANAGEMENT OF TASKS IN VIRTUALIZED ENVIRONMENTS
MANAGEMENT OF TASKS IN VIRTUALIZED ENVIRONMENTS Asil ALKAYA Adnan Menderes University / Faculty of Business Administration Title Asst. Prof. Dr. E-mail: asil.alkaya@adu.edu.tr Abstract Virtualization has
COMS: Customer Oriented Migration Service
Boise State University ScholarWorks Computer Science Faculty Publications and Presentations Department of Computer Science 1-1-217 COMS: Customer Oriented Migration Service Kai Huang Boise State University
Return-Oriented Rootkits: Bypassing Kernel Code Integrity Protection Mechanisms
Return-Oriented Rootkits: Bypassing Kernel Code Integrity Protection Mechanisms Ralf Hund Thorsten Holz Felix C. Freiling University of Mannheim Page 1 Motivation (1) Operating systems separate system
CS 356 Operating System Security. Fall 2013
CS 356 Operating System Security Fall 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter 5 Database
SGXBounds Memory Safety for Shielded Execution
SGXBounds Memory Safety for Shielded Execution Dmitrii Kuvaiskii, Oleksii Oleksenko, Sergei Arnautov, Bohdan Trach, Pramod Bhatotia *, Pascal Felber, Christof Fetzer TU Dresden, * The University of Edinburgh,
Fakultät Informatik Institut für Systemarchitektur, Betriebssysteme THE NOVA KERNEL API. Julian Stecklina
Fakultät Informatik Institut für Systemarchitektur, Betriebssysteme THE NOVA KERNEL API Julian Stecklina (jsteckli@os.inf.tu-dresden.de) Dresden, 5.2.2012 00 Disclaimer This is not about OpenStack Compute.
CLOUD COMPUTING IT0530. G.JEYA BHARATHI Asst.Prof.(O.G) Department of IT SRM University
CLOUD COMPUTING IT0530 G.JEYA BHARATHI Asst.Prof.(O.G) Department of IT SRM University What is virtualization? Virtualization is way to run multiple operating systems and user applications on the same
Detection and Mitigation of Performance Attacks in Multi-Tenant Cloud Computing
Institute for Cyber Security Department of Computer Science Detection and Mitigation of Performance Attacks in Multi-Tenant Cloud Computing Carlos Cardenas and Rajendra V. Boppana Computer Science Department
CS Project Report
CS7960 - Project Report Kshitij Sudan kshitij@cs.utah.edu 1 Introduction With the growth in services provided over the Internet, the amount of data processing required has grown tremendously. To satisfy
Distributed File Systems Issues. NFS (Network File System) AFS: Namespace. The Andrew File System (AFS) Operating Systems 11/19/2012 CSC 256/456 1
Distributed File Systems Issues NFS (Network File System) Naming and transparency (location transparency versus location independence) Host:local-name Attach remote directories (mount) Single global name
Operating Systems 4/27/2015
Virtualization inside the OS Operating Systems 24. Virtualization Memory virtualization Process feels like it has its own address space Created by MMU, configured by OS Storage virtualization Logical view
Using a Separation Kernel to Protect against the Remote Exploitation of Unaltered Passenger Vehicles
Safety & Security for the Connected World Using a Separation Kernel to Protect against the Remote Exploitation of Unaltered Passenger Vehicles 16 th June 2015 Mark Pitchford, Technical Manager, EMEA Today
Security versus Energy Tradeoffs in Host-Based Mobile Malware Detection
Security versus Energy Tradeoffs in Host-Based Mobile Malware Detection Jeffrey Bickford *, H. Andrés Lagar-Cavilla #, Alexander Varshavsky #, Vinod Ganapathy *, and Liviu Iftode * * Rutgers University
Xen and the Art of Virtualization. Nikola Gvozdiev Georgian Mihaila
Xen and the Art of Virtualization Nikola Gvozdiev Georgian Mihaila Outline Xen and the Art of Virtualization Ian Pratt et al. I. The Art of Virtualization II. Xen, goals and design III. Xen evaluation
Article Summary of: Understanding Cloud Computing Vulnerabilities. Michael R. Eldridge
Article Summary of: Understanding Cloud Computing Vulnerabilities Michael R. Eldridge April 14, 2016 2 Introduction News stories abound about the almost daily occurrence of break-ins and the stealing of
BUILDING SECURE (CLOUD) APPLICATIONS USING INTEL S SGX
BUILDING SECURE (CLOUD) APPLICATIONS USING INTEL S SGX FLORIAN KERSCHBAUM, UNIVERSITY OF WATERLOO JOINT WORK WITH BENNY FUHRY (SAP), ANDREAS FISCHER (SAP) AND MANY OTHERS DO YOU TRUST YOUR CLOUD SERVICE
Automated Control for Elastic Storage Harold Lim, Shivnath Babu, Jeff Chase Duke University
D u k e S y s t e m s Automated Control for Elastic Storage Harold Lim, Shivnath Babu, Jeff Chase Duke University Motivation We address challenges for controlling elastic applications, specifically storage.
BUILDING A PRIVATE CLOUD. By Mark Black Jay Muelhoefer Parviz Peiravi Marco Righini
BUILDING A PRIVATE CLOUD By Mark Black Jay Muelhoefer Parviz Peiravi Marco Righini HOW PLATFORM COMPUTING'S PLATFORM ISF AND INTEL'S TRUSTED EXECUTION TECHNOLOGY CAN HELP 24 loud computing is a paradigm
Performance Evaluation of Virtualization Technologies
Performance Evaluation of Virtualization Technologies Saad Arif Dept. of Electrical Engineering and Computer Science University of Central Florida - Orlando, FL September 19, 2013 1 Introduction 1 Introduction