Security Services in Virtualized Environments - overview
Project Goal: To build an infrastructure for providing a rich set of security services that are based on the secure foundation of virtualization infrastructure. Specifically, this project aims at ensuring safe introspection APIs and, based on them, integrity protection of critical resources, deployment of in-partition agents, and cross-platform support.
Virtualization enables:
- On-demand, centralized security services
- Centralization (reduced security footprint, sharing of knowledge)
- Isolation (improve the tamper-resistance of solutions)
- Visibility (examine virtual networks and virtual machines)
- Scalability (grow/shrink security footprint based on load)
- Advanced Remediation (integrate with infrastructure APIs)
- Reduction of security sprawl across virtual infrastructures
Use case: Anti-Rootkit System based on Virtual Machine Introspection
Use case summary: A protected Security virtual machine (SVM) uses virtual machine introspection to monitor critical OS data structures in guests for changes made by rootkits and other types of malware. We develop the Anti-Rootkit System in collaboration with the IBM Zurich Research Lab.
Exemplary attack scenario:
- Rootkit takes hold in the guest, e.g., by exploiting a web browser vulnerability
- Rootkit attempts to hide itself by manipulating guest kernel data structures
- SVM security agent detects OS tampering and detects or reverts tampering using introspection
- SVM security agent performs clean-up of rootkit
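The detect-and-revert step of the scenario above, as an added sketch that is not the project's own code: an agent baselines guest structures that should not change after boot, reports which pointer-sized slot changed, and restores the known-good copy. `FakeGuest`, `Region`, `IntegrityMonitor`, the addresses and the pointer values are all constructed for illustration; a real agent would read and write guest memory through the hypervisor's introspection API instead.

```python
import struct
from dataclasses import dataclass

PTR = 8  # assumed pointer width of the guest (64-bit, little-endian)

@dataclass(frozen=True)
class Region:
    name: str   # label for a guest structure that is static after boot
    addr: int   # guest address of the structure (constructed value)
    size: int   # length in bytes, a multiple of PTR

class FakeGuest:
    """Constructed stand-in for guest memory behind an introspection API."""
    def __init__(self, size):
        self.mem = bytearray(size)
    def read(self, addr, size):
        return bytes(self.mem[addr:addr + size])
    def write(self, addr, data):
        self.mem[addr:addr + len(data)] = data

class IntegrityMonitor:
    """Security-VM agent: baseline the regions, then detect and revert changes."""
    def __init__(self, guest, regions):
        self.guest, self.regions, self.baseline = guest, regions, {}
    def snapshot(self):
        # Must run while the guest is known-good, e.g. right after boot.
        for r in self.regions:
            self.baseline[r.name] = self.guest.read(r.addr, r.size)
    def check(self, revert=False):
        findings = []  # (region, slot index, expected value, observed value)
        for r in self.regions:
            good, cur = self.baseline[r.name], self.guest.read(r.addr, r.size)
            for off in range(0, r.size, PTR):
                if cur[off:off + PTR] != good[off:off + PTR]:
                    was, now = (struct.unpack_from("<Q", b, off)[0] for b in (good, cur))
                    findings.append((r.name, off // PTR, was, now))
            if revert and cur != good:
                self.guest.write(r.addr, good)  # restore the known-good copy
        return findings

def demo():
    guest = FakeGuest(0x1000)
    table = Region("syscall_table", 0x100, 4 * PTR)
    guest.write(table.addr, struct.pack("<4Q", 0x1000, 0x1010, 0x1020, 0x1030))
    mon = IntegrityMonitor(guest, [table])
    mon.snapshot()
    guest.write(table.addr + 2 * PTR, struct.pack("<Q", 0xDEAD0000))  # simulated tampering
    return mon.check(revert=True), mon.check()
```

Byte-for-byte baselining only suits structures that are static after boot; structures the guest kernel legitimately rewrites need semantic checks instead.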
Publications:
- Cloud Security Is Not (Just) Virtualization Security. Mihai Christodorescu, Reiner Sailer, Douglas Schales, Daniele Sgandurra, Diego Zamboni. The 1st ACM Cloud Computing Security Workshop. November, 2009. Paper on ACM Server.