• Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 1
  • Tagged with
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
1

Mitigation of Virtunoid Attacks on Cloud Computing Systems

Forsell, Daniel McKinnon January 2015 (has links)
Virtunoid is a proof of concept exploit abusing a vulnerability in the open source hardware virtualisation control program QEMU-KVM. The vulnerability originally stems from improper hotplugging of emulated embedded circuitry in the Intel PIIX4 southbridge resulting in memory corruption and dangling pointers. The exploit can be used to compromise the availability of the virtual machine, or to escalate privileges compromising the confidentiality of the resources in the host system. The research presented in this dissertation shows that the discretionary access control system, provided by default in most Linux operating systems, is insufficient in protecting the QEMU-KVM hypervisor against the Virtunoid exploit. Further, the research presented in this dissertation shows that the open source solutions AppArmor and grsecurity enhances the Linux operating system with additional protection against the Virtunoid exploit through mandatory access control, either through profiling or role-based access control. The research also shows that the host intrusion prevention system PaX does not provide any additional protection against the Virtunoid exploit. The comprehensive and detailed hands-on approach of this dissertation holds the ability to be reproduced and quantified for comparison necessary for future research.

Page generated in 0.0333 seconds