Multiple attacks on virtualization-based security monitoring

Guang Lu Yan; Sen Lin Luo; Wei Wei; Li Min Pan

doi:10.15918/j.jbit1004-0579.201625.0214

Multiple attacks on virtualization-based security monitoring

Guang Lu Yan, Sen Lin Luo, Wei Wei, Li Min Pan^*

^*Corresponding author for this work

Beijing Institute of Technology

Research output: Contribution to journal › Article › peer-review

Abstract

Three kinds of vulnerabilities that may exist in some of current virtualization-based security monitoring systems were proposed: page mapping problem, lack of overall protection, and inherent limitations. Aiming at these vulnerabilities, relative attack methods were presented in detail. Our experiments show that the attack methods, such as page mapping attack, data attack, and non-behavior detection attack, can attack simulated or original security monitors successfully. Defenders, who need to effectively strengthen their security monitors, can get an inspiration from these attack methods and find some appropriate solutions.

Original language	English
Pages (from-to)	254-263
Number of pages	10
Journal	Journal of Beijing Institute of Technology (English Edition)
Volume	25
Issue number	2
DOIs	https://doi.org/10.15918/j.jbit1004-0579.201625.0214
Publication status	Published - 1 Jun 2016

Keywords

Attack method
Security threat
Virtual machine monitor
Virtualization
Vulnerability

Access to Document

10.15918/j.jbit1004-0579.201625.0214

Cite this

@article{148553f2395e41ef84d644407726c412,

title = "Multiple attacks on virtualization-based security monitoring",

abstract = "Three kinds of vulnerabilities that may exist in some of current virtualization-based security monitoring systems were proposed: page mapping problem, lack of overall protection, and inherent limitations. Aiming at these vulnerabilities, relative attack methods were presented in detail. Our experiments show that the attack methods, such as page mapping attack, data attack, and non-behavior detection attack, can attack simulated or original security monitors successfully. Defenders, who need to effectively strengthen their security monitors, can get an inspiration from these attack methods and find some appropriate solutions.",

keywords = "Attack method, Security threat, Virtual machine monitor, Virtualization, Vulnerability",

author = "Yan, {Guang Lu} and Luo, {Sen Lin} and Wei Wei and Pan, {Li Min}",

note = "Publisher Copyright: {\textcopyright} 2016 Beijing Institute of Technology.",

year = "2016",

month = jun,

day = "1",

doi = "10.15918/j.jbit1004-0579.201625.0214",

language = "English",

volume = "25",

pages = "254--263",

journal = "Journal of Beijing Institute of Technology (English Edition)",

issn = "1004-0579",

publisher = "Beijing Institute of Technology",

number = "2",

}

TY - JOUR

T1 - Multiple attacks on virtualization-based security monitoring

AU - Yan, Guang Lu

AU - Luo, Sen Lin

AU - Wei, Wei

AU - Pan, Li Min

PY - 2016/6/1

Y1 - 2016/6/1

N2 - Three kinds of vulnerabilities that may exist in some of current virtualization-based security monitoring systems were proposed: page mapping problem, lack of overall protection, and inherent limitations. Aiming at these vulnerabilities, relative attack methods were presented in detail. Our experiments show that the attack methods, such as page mapping attack, data attack, and non-behavior detection attack, can attack simulated or original security monitors successfully. Defenders, who need to effectively strengthen their security monitors, can get an inspiration from these attack methods and find some appropriate solutions.

AB - Three kinds of vulnerabilities that may exist in some of current virtualization-based security monitoring systems were proposed: page mapping problem, lack of overall protection, and inherent limitations. Aiming at these vulnerabilities, relative attack methods were presented in detail. Our experiments show that the attack methods, such as page mapping attack, data attack, and non-behavior detection attack, can attack simulated or original security monitors successfully. Defenders, who need to effectively strengthen their security monitors, can get an inspiration from these attack methods and find some appropriate solutions.

KW - Attack method

KW - Security threat

KW - Virtual machine monitor

KW - Virtualization

KW - Vulnerability

UR - http://www.scopus.com/inward/record.url?scp=84977274497&partnerID=8YFLogxK

U2 - 10.15918/j.jbit1004-0579.201625.0214

DO - 10.15918/j.jbit1004-0579.201625.0214

M3 - Article

AN - SCOPUS:84977274497

SN - 1004-0579

VL - 25

SP - 254

EP - 263

JO - Journal of Beijing Institute of Technology (English Edition)

JF - Journal of Beijing Institute of Technology (English Edition)

IS - 2

ER -

Multiple attacks on virtualization-based security monitoring

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

Cite this