Covert channels have long been known, in various forms. The methods designers use to exchange information discreetly depend mainly on their creativity. These data streams are so stealthy that they can easily be used by dishonest persons or by malware. In a seemingly separate field, the virtualization of operating systems has brought greater flexibility to the deployment of server farms and shared hosting. It also brings hopes for security through partitioning. The two subjects are not obviously linked, but with each new technology we need to think about past errors so that we can avoid them before they arise. The designer may not know all threats, and new exploitation techniques can appear, more or less planned. In this context, this article explains the technologies used by the Xen paravirtualizer for memory management and virtual guests. It then explains how to exploit this mechanism to build a new covert channel method for virtual machines. Finally, experimental results show that the proof of concept can stealthily transfer data between virtual machines.