Title
HyperVerify: A VM-assisted Architecture for Monitoring Hypervisor Non-control Data
Abstract
Continuing bug reports and exploits in hypervisors indicate that hypervisors face similar integrity threats as traditional software. Previous approaches to protect a hypervisor that utilize hardware features are not easy to extend. Besides, they mainly focus on code or control data integrity, without paying much attention to protecting non-control data. In this paper, we present HyperVerify, a novel architecture to monitor hypervisor non-control data using a trusted VM. Since a VM cannot directly access a hypervisor's memory, HyperVerify programs a popular device driver to read the hypervisor's hardware state in the trusted VM. Then a memory analysis library is used to translate the low-level hardware state into the high-level hypervisor context. Several monitoring processes use such context to monitor hypervisor non-control data integrity. Each of the processes is responsible for monitoring one kind of non-control data. It is flexible for HyperVerify to support monitoring new kinds of data structure. The experimental evaluation of our prototype shows that HyperVerify incurs at most 4% performance overhead to end users.
Year
2013
DOI
10.1109/SERE-C.2013.20
Venue
SERE (Companion)
Keywords
vm-assisted architecture,monitoring hypervisor non-control data,hyper visor non-control data,hardware feature,hyper visor,hyper verify program,non-control data,hyper verify,hyper visor context,hyper verify incurs,data structure,control data integrity,data integrity,virtualisation,virtualization,data structures,system monitoring,security,hardware,virtual machines
Field
Virtualization,Data structure,Virtual machine,Computer science,Hypervisor,Exploit,System monitoring,Data integrity,Software,Operating system,Embedded system
DocType
Conference
Citations
5
PageRank
0.43
References
25
Authors
4
Name
Order
Citations
PageRank
Baozeng Ding1182.83
Yeping He27714.64
Yanjun Wu37323.02
Yuqi Lin4322.09