Research Article
Preventing Secret Data Leakage from Foreign Mappings in Virtual Machines
@INPROCEEDINGS{10.1007/978-3-642-31909-9_25, author={Hanjun Gao and Lina Wang and Wei Liu and Yang Peng and Hao Zhang}, title={Preventing Secret Data Leakage from Foreign Mappings in Virtual Machines}, proceedings={Security and Privacy in Communication Networks. 7th International ICST Conference, SecureComm 2011, London, UK, September 7-9, 2011, Revised Selected Papers}, proceedings_a={SECURECOMM}, year={2012}, month={10}, keywords={Direct Foreign mappings Virtual machine Hyprevisor Privacy Secrecy Data leakage}, doi={10.1007/978-3-642-31909-9_25} }- Hanjun Gao
Lina Wang
Wei Liu
Yang Peng
Hao Zhang
Year: 2012
Preventing Secret Data Leakage from Foreign Mappings in Virtual Machines
SECURECOMM
Springer
DOI: 10.1007/978-3-642-31909-9_25
Abstract
The foreign mapping mechanism of Xen is used in privileged virtual machines (VM) for platform management. With help of it, a privileged VM can map arbitrary machine frames of memory from a specific VM into its page tables. This leaves a vulnerability that malware may compromise the secrecy of normal VMs by exploiting the foreign mapping mechanism. To address this privacy exposure, we present a novel application’s memory privacy protection (AMP) scheme by exploiting hypervisor. In AMP, an application can protect its memory privacy by registering its address space into hypervisor; before the application exists or cancels its protection, any foreign mapping to protected pages will be disabled. With these measures, AMP prevents sensitive data leakage when malware attempts to eavesdrop them by exploiting foreign mapping. Finally, extensive experiments are performed to validate AMP. The experimental results show that AMP achieves strong privacy resilency while incurs only 2% extra overhead for CPU workloads.