Return to search

Mitigation of Virtunoid Attacks on Cloud Computing Systems

Virtunoid is a proof of concept exploit abusing a vulnerability in the open source hardware virtualisation control program QEMU-KVM. The vulnerability originally stems from improper hotplugging of emulated embedded circuitry in the Intel PIIX4 southbridge resulting in memory corruption and dangling pointers. The exploit can be used to compromise the availability of the virtual machine, or to escalate privileges compromising the confidentiality of the resources in the host system. The research presented in this dissertation shows that the discretionary access control system, provided by default in most Linux operating systems, is insufficient in protecting the QEMU-KVM hypervisor against the Virtunoid exploit. Further, the research presented in this dissertation shows that the open source solutions AppArmor and grsecurity enhances the Linux operating system with additional protection against the Virtunoid exploit through mandatory access control, either through profiling or role-based access control. The research also shows that the host intrusion prevention system PaX does not provide any additional protection against the Virtunoid exploit. The comprehensive and detailed hands-on approach of this dissertation holds the ability to be reproduced and quantified for comparison necessary for future research.

Identiferoai:union.ndltd.org:UPSALLA1/oai:DiVA.org:uu-243353
Date January 2015
CreatorsForsell, Daniel McKinnon
PublisherUppsala universitet, Institutionen för informationsteknologi
Source SetsDiVA Archive at Upsalla University
LanguageEnglish
Detected LanguageEnglish
TypeStudent thesis, info:eu-repo/semantics/bachelorThesis, text
Formatapplication/pdf
Rightsinfo:eu-repo/semantics/openAccess
RelationIT ; 15005

Page generated in 0.0021 seconds