Virtualization detection strategies and their outcomes in public clouds

2017 IEEE Asia Pacific Conference on Postgraduate Research in Microelectronics and Electronics (PrimeAsia) Pub Date : 2017-10-01 DOI:10.1109/PRIMEASIA.2017.8280360

B. Asvija, R. Eswari, M. B. Bijoy

{"title":"Virtualization detection strategies and their outcomes in public clouds","authors":"B. Asvija, R. Eswari, M. B. Bijoy","doi":"10.1109/PRIMEASIA.2017.8280360","DOIUrl":null,"url":null,"abstract":"Virtualization detection on publicly exposed computing resources can have serious security implications. It can lead to the exploitation of known vulnerabilities in the virtualization software and also to carrying out attacks on shared virtual resources. The impact of such attacks can be very severe on public clouds, as numerous clients who subscribe to the cloud services share the infrastructure. Yet the threat of virtualization detection has been often overlooked by many cloud service providers. In this paper, we show how the three popular public clouds namely the Amazon EC2, Google Computing Engine and the Microsoft Azure clouds are vulnerable to this risk. We summarize the various approaches used for virtualization detection and present the results obtained on the public clouds from an attacker's perspective. We demonstrate that the publicly exposed guest instances are not hardened to prevent this information leakage to the attackers. In addition to the prior known approaches, we also propose and demonstrate a new approach for detecting virtualization, based on the location and size of the descriptor tables.","PeriodicalId":335218,"journal":{"name":"2017 IEEE Asia Pacific Conference on Postgraduate Research in Microelectronics and Electronics (PrimeAsia)","volume":"3 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 IEEE Asia Pacific Conference on Postgraduate Research in Microelectronics and Electronics (PrimeAsia)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PRIMEASIA.2017.8280360","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

Abstract

Virtualization detection on publicly exposed computing resources can have serious security implications. It can lead to the exploitation of known vulnerabilities in the virtualization software and also to carrying out attacks on shared virtual resources. The impact of such attacks can be very severe on public clouds, as numerous clients who subscribe to the cloud services share the infrastructure. Yet the threat of virtualization detection has been often overlooked by many cloud service providers. In this paper, we show how the three popular public clouds namely the Amazon EC2, Google Computing Engine and the Microsoft Azure clouds are vulnerable to this risk. We summarize the various approaches used for virtualization detection and present the results obtained on the public clouds from an attacker's perspective. We demonstrate that the publicly exposed guest instances are not hardened to prevent this information leakage to the attackers. In addition to the prior known approaches, we also propose and demonstrate a new approach for detecting virtualization, based on the location and size of the descriptor tables.

查看原文本刊更多论文

公共云中的虚拟化检测策略及其结果

对公开的计算资源进行虚拟化检测可能会产生严重的安全隐患。它可能导致利用虚拟化软件中的已知漏洞，并对共享虚拟资源进行攻击。这种攻击对公共云的影响可能非常严重，因为订阅云服务的许多客户机共享基础设施。然而，虚拟化检测的威胁常常被许多云服务提供商所忽视。在本文中，我们展示了三种流行的公共云，即亚马逊EC2、谷歌计算引擎和微软Azure云如何容易受到这种风险的影响。我们总结了用于虚拟化检测的各种方法，并从攻击者的角度展示了在公共云上获得的结果。我们证明，没有对公开暴露的来宾实例进行加固，以防止这些信息泄露给攻击者。除了前面已知的方法之外，我们还提出并演示了一种基于描述符表的位置和大小来检测虚拟化的新方法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2017 IEEE Asia Pacific Conference on Postgraduate Research in Microelectronics and Electronics (PrimeAsia)

自引率

0.00%

发文量