• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>Journal in computer virology >On covert channels between virtual machines
【24h】

On covert channels between virtual machines

机译:在虚拟机之间的秘密通道上

获取原文
获取原文并翻译 | 示例
           
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

Virtualization technology has become very popular because of better hardware utilization and easy maintenance. However, there are chances for information leakage and possibilities of several covert channels for information flow between the virtual machines. Our work focuses on the experimental study of security threats in virtualization, especially due to covert channels and other forms of information leakage. The existence of data leakage during migration shutdown and destruction of virtual machines, is tested on different hypervisors. For empirically showing the possibility of covert channels between virtual machines, three new network based covert channels are hypothesized and demonstrated through implementation, on different hypervisors. One of the covert channels hypothesized is a TCP/IP steganography based covert channel. Other covert channels are a timing covert channel and a new network covert channel having two pairs of socket programs. We propose a VMM (Virtual Machine Monitor) based network covert channel avoidance mechanism, tackling detection resistant covert channel problems. We also address issue of reducing the possibilities of network based covert channels using VMM-level firewalls. In order to emphasize the importance of addressing the issue of information leakage through virtual machines, we illustrate the simplicity of launching network covert channel based attacks, by demonstrating an attack on a virtual machine using covert channels through implementation.
机译:由于更好的硬件利用率和易于维护,虚拟化技术已变得非常流行。但是,存在信息泄漏的机会,以及虚拟机之间信息流动的多个隐蔽通道的可能性。我们的工作专注于虚拟化中安全威胁的实验研究,特别是由于隐蔽渠道和其他形式的信息泄漏所致。在不同的管理程序上测试了迁移关闭和虚拟机破坏期间是否存在数据泄漏。为了从经验上显示虚拟机之间的隐蔽通道的可能性,假设并通过在不同的虚拟机管理程序上的实施方式演示了三个基于网络的隐蔽通道。假设的秘密通道之一是基于TCP / IP隐写术的秘密通道。其他隐蔽通道是定时隐蔽通道和具有两对套接字程序的新网络隐蔽通道。我们提出了一种基于VMM(虚拟机监视器)的网络隐蔽通道规避机制,以解决难以检测的隐蔽通道问题。我们还解决了使用VMM级防火墙减少基于网络的隐蔽通道的可能性的问题。为了强调解决虚拟机信息泄漏问题的重要性,我们通过演示使用隐蔽通道对虚拟机的攻击来演示对基于隐蔽通道的网络发起攻击的简单性。

著录项

  • 来源
    《Journal in computer virology》 |2012年第3期|85-97|共13页
  • 作者

    P. Ranjith; Chandran Priya; Kaleeswaran Shalini;

  • 作者单位

    1.Department of Computer Science and Engineering National Institute of Technology Calicut Calicut 673601 Kerala India;

    1.Department of Computer Science and Engineering National Institute of Technology Calicut Calicut 673601 Kerala India;

    1.Department of Computer Science and Engineering National Institute of Technology Calicut Calicut 673601 Kerala India;

  • 收录信息
  • 原文格式 PDF
  • 正文语种 eng
  • 中图分类
  • 关键词

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号