
Journal of Shandong University (Natural Science), 2017, Vol. 52, Issue 3: 38-43. doi: 10.6040/j.issn.1671-9352.1.2016.083


A study on security enhancement technology for KVM Hypervisor

ZHAO Dan-dan1, CHEN Xing-shu1,2*, JIN Xin1

  1. School of Computing, Sichuan University, Chengdu 610065, Sichuan, China;
  2. Cybersecurity Research Institute, Sichuan University, Chengdu 610065, Sichuan, China
  • Received: 2016-08-18  Online: 2017-03-20  Published: 2017-03-20
  • Corresponding author: CHEN Xing-shu (born 1968), female, Ph.D., professor; research interests: cloud computing security, big data security. E-mail: chenxsh@scu.edu.cn
  • First author: ZHAO Dan-dan (born 1993), female, master's student; research interest: virtualization security. E-mail: zdd-zhaodandan@qq.com
  • Funding: National Natural Science Foundation of China (61272447)

Abstract: To enhance the security capabilities of the kernel-based virtual machine (KVM) hypervisor, a multi-level security enhancement technique that targets multiple weak points is proposed. It combines hypervisor type hiding, VMX extension instruction monitoring, protection of the ioctl system call interaction interface, dynamic integrity measurement of KVM, and anti-unloading, in order to harden the KVM hypervisor and to detect unknown attacks launched through KVM's interfaces in time. A prototype of the hardened hypervisor, Security-KVM (Sec-KVM), was implemented on a KVM full-virtualization platform. Experimental results show that Sec-KVM hides the hypervisor type, strengthens the KVM hypervisor against attack, protects the integrity of KVM and of the ioctl system call interface, prevents attacks from spreading, and detects unknown attacks based on the KVM service interfaces in time.

Key words: virtual machine monitor, ioctl system call, dynamic measurement, KVM, type hiding, VMX extension instructions

CLC number: TP316