ABSTRACT
This paper presents MultiHype, a novel architecture that supports multiple hypervisors (or virtual machine monitors) on a single physical platform by leveraging many-core based cloud-on-chip architecture. A MultiHype platform consists of a control plane and multiple hypervisors created on-demand, each can further create multiple guest virtual machines. Supported at architectural level, a single platform using MultiHype can behave as a distributed system with each hypervisor and its virtual machines running independently and concurrently. As a direct consequence, vulnerabilities of one hypervisor or its guest virtual machine can be confined within its own domain, which makes the platform more resilient to malicious attacks and failures in a cloud environment. Towards defending against resource exhaustion attacks, MultiHype further implements a new cache eviction policy and memory management scheme for preventing resource monopolization on shared cache, and defending against denial of resource exploits on physical memory resource launched from malicious virtual machines on shared platform. We use Bochs emulator and cycle based x86 simulation to evaluate the effectiveness and performance of MultiHype.
- 3Leaf Systems. Next generation hybrid systems for hpc. http://www.3leafsystems.com/download/3leaf_wt_paper_Next_Gen_Hybrid_Sys\%tems_for_HPC.pdf, 2009.Google Scholar
- Abramson, D., Jackson, J., Muthrasanallur, S., Neiger, G., Regnier, G., Sankaran, R., Schoinas, I., Uhlig, R., Vembu, B., and Weigert, J. Intel Virtualization Technology for directed I/O. Intel Technology Journal 10, 3 (Aug. 2006), 179--192.Google ScholarCross Ref
- Barham, P., Dragovic, B., Fraser, K., Hand, S., Harris, T., Ho, A., Neugebauer, R., Pratt, I., and Warfield, A. Virtual machine monitors: Xen and the art of virtualization. In Proceedings of the 19th ACM Symposium on Operating Systems Principles: the Sagamore, Bolton Landing, Lake George, New York, USA, October 19-22, 2003 (New York, NY 10036, USA, Dec. 2003), ACM, Ed., vol. 37(5) of Operating systems review, ACM Press, pp. 164--177. ACM order number 534030. Google ScholarDigital Library
- Baumann, A., Barham, P., Dagand, P., Harris, T., Isaacs, R., Peter, S., Roscoe, T., Schupbach, A., and Singhania, A. The multikernel: a new os architecture for scalable multicore systems. In SOSP (2009), vol. 9, Citeseer, pp. 29--44. Google ScholarDigital Library
- Ben-Yehuda, M., Day, M. D., Dubitzky, Z., Factor, M., Har'El, N., Gordon, A., Liguori, A., Wasserman, O., and Yassour, B.-A. The turtles project: design and implementation of nested virtualization. In Proceedings of the 9th USENIX conference on Operating systems design and implementation (Berkeley, CA, USA, 2010), OSDI'10, USENIX Association, pp. 1--6. Google ScholarDigital Library
- Chang, J., and Sohi, G. Cooperative cache partitioning for chip multiprocessors. In Proceedings of the 21st annual international conference on Supercomputing (2007), ACM, pp. 242--252. Google ScholarDigital Library
- Ferrie, P. Attacks on virtual machine emulators. Symantec Security Response 5 (2006).Google Scholar
- Frank Gens, Robert P Mahowald, R. L. V. An empirical study into the security exposure to hosts of hostile virtualized environments, 2007.Google Scholar
- Gries, M., and Romer., A. Performance Evaluation of Recent DRAM Architectures for Embedded Systems. In TIK Report Nr. 82, Computing Engineering and Networks Lab (TIK), Swiss Federal Institute of Technology (ETH) Zurich (November 1999).Google Scholar
- Heiser, J., and Nicolett, M. Assessing the security risks of cloud computing. http://www.gartner.com/DisplayDocument?id=685308, 2009.Google Scholar
- Held, J., Bautista, J., and Koehl, S. White paper from a few cores to many: A tera-scale computing research review.Google Scholar
- K. Lawton. Welcome to the Bochs x86 PC Emulation Software Home Page. http://www.bochs.com.Google Scholar
- Karger, P. A., and Safford, D. I/O for virtual machine monitors: Security and performance issues. IEEE Security & Privacy 6, 5 (2008), 16--23. Google ScholarDigital Library
- Keller, E., Szefer, J., Rexford, J., and Lee, R. B. Nohype: virtualized cloud infrastructure without the virtualization. In Proceedings of the 37th annual international symposium on Computer architecture (New York, NY, USA, 2010), ISCA '10, ACM, pp. 350--361. Google ScholarDigital Library
- King, S. T., Chen, P. M., min Wang, Y., Verbowski, C., Wang, H. J., and Lorch, J. R. Subvirt: Implementing malware with virtual machines. In IEEE Symposium on Security and Privacy (2006), pp. 314--327. Google ScholarDigital Library
- Kortchinsky, K. Cloudburst -- hacking 3D and breaking out of VMware. In Black Hat USA (2009).Google Scholar
- Mell, P. Nist presentation on effectively and securely using the cloud computing paradigm v26. http://csrc.nist.gov/groups/SNS/cloud-computing/index.html, 2009.Google Scholar
- Moscibroda, T., and Mutlu, O. Memory performance attacks: Denial of memory service in multi-core systems. In Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium (2007), USENIX Association, p. 18. Google ScholarDigital Library
- Neiger, G., Santoni, A., Leung, F., Rodgers, D., and Uhlig, R. Intel Virtualization Technology: Hardware support for efficient processor virtualization. Intel Technology Journal 10, 3 (Aug. 2006), 167--177.Google ScholarCross Ref
- Nesbit, K. J., Aggarwal, N., Laudon, J., and Smith, J. E. Fair queuing memory systems. In Proceedings of the 39th Annual IEEE/ACM International Symposium on Microarchitecture (Washington, DC, USA, 2006), MICRO 39, IEEE Computer Society, pp. 208--222. Google ScholarDigital Library
- Nesbit, K. J., Laudon, J., and Smith, J. E. Virtual private caches. In Proceedings of the 34th annual international symposium on Computer architecture (New York, NY, USA, 2007), ISCA '07, ACM, pp. 57--68. Google ScholarDigital Library
- Ormandy, T. An empirical study into the security exposure to hosts of hostile virtualized environments. In CanSecWest (2007).Google Scholar
- Ristenpart, T., Tromer, E., Shacham, H., and Savage, S. Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In Proceedings of the 16th ACM conference on Computer and communications security (New York, NY, USA, 2009), CCS '09, ACM, pp. 199--212. Google ScholarDigital Library
- Rutkowska, J. Blue pill. In Black Hat USA (2006).Google Scholar
- Secunia. Advisory sa37081 - VMware ESX sever uodate for DHCP, kernel, and JRE. http://secunia.com/advisories/37081/.Google Scholar
- Shreedhar, M., and Varghese, G. Efficient fair queuing using deficit round robin. IEEE Trans. Net (1996). Google ScholarDigital Library
- Steinberg, U., and Kauer, B. NOVA: a microhypervisor-based secure virtualization architecture. In Proceedings of the 5th European conference on Computer systems (New York, NY, USA, 2010), EuroSys '10, ACM, pp. 209--222. Google ScholarDigital Library
- Uhlig, R. Forward: Intel Virtualization Technology: Taking virtualization mainstream on Intel architecture platforms. Intel Technology Journal 10, 3 (Aug. 2006), v--vi.Google ScholarCross Ref
- Vlaovic, S., and Davidson, E. S. TAXI: Trace Analysis for X86 Interpretation. In Proceedings of the 2002 IEEE International Conference on Computer Design (2002). Google ScholarDigital Library
- Wojtczuk, R. Subverting the Xen hypervisor. In Black Hat USA (2008).Google Scholar
- vWoo, D. H., and Lee, H.-H. Analyzing performance vulnerability due to resource denial of service attack on chip multiprocessors. In Workshop on Chip Multiprocessor Memory Systems and Interconnects (2007).Google Scholar
Index Terms
- Architectural support of multiple hypervisors over single platform for enhancing cloud computing security
Recommendations
Architectural support for hypervisor-secure virtualization
ASPLOS '12Virtualization has become a standard part of many computer systems. A key part of virtualization is the all-powerful hypervisor which manages the physical platform and can access all of its resources, including memory assigned to the guest virtual ...
Architectural support for hypervisor-secure virtualization
ASPLOS XVII: Proceedings of the seventeenth international conference on Architectural Support for Programming Languages and Operating SystemsVirtualization has become a standard part of many computer systems. A key part of virtualization is the all-powerful hypervisor which manages the physical platform and can access all of its resources, including memory assigned to the guest virtual ...
Architectural support for hypervisor-secure virtualization
ASPLOS '12Virtualization has become a standard part of many computer systems. A key part of virtualization is the all-powerful hypervisor which manages the physical platform and can access all of its resources, including memory assigned to the guest virtual ...
Comments