Methodology for enabling forensic analysis using hypervisor vulnerabilities data

Chandramouli, Ramaswamy; Singhal, Anoop; Wijesekera, Duminda; Liu, Changwei

doi:10.6028/nist.ir.8221

Cited by 2 publications

(1 citation statement)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Regardless of how super powers were gained, privileged attackers have full control of the entire cloud stack, and can thus use many potential vectors to exploit systems' weaknesses and steal or alter sensitive data (and/or code) while it is in-use, as detailed in the following. Attacks launched via virtualization layer -Threat reports indicate that most popular hypervisors (e.g., Xen, KVM, VMware) expose vulnerabilities to escape the virtualized environment, i.e., the guest OS [15], by leveraging functionalities such as SoftMMU, VMExit, Hypercalls. In the context of container-based virtualization (e.g., Kubernetes), an attacker can exploit vulnerabilities in the Orchestrator or in the container image registry [16].…”

Section: Threat Modelmentioning

confidence: 99%

VISE: Combining Intel SGX and Homomorphic Encryption for Cloud Industrial Control Systems

Coppolino

D’Antonio

Formicola

et al. 2021

IEEE Trans. Comput.

View full text Add to dashboard Cite

Protecting data-in-use from privileged attackers is challenging. New CPU extensions (notably: Intel SGX ) and cryptographic techniques (specifically: Homomorphic Encryption) can guarantee privacy even in untrusted third-party systems. HE allows sensitive processing on ciphered data. However, it is affected by i) a dramatic ciphertext expansion making HE unusable when bandwidth is narrow, ii) unverifiable conditional variables requiring off-premises support. Intel SGX allows sensitive processing in a secure enclave. Unfortunately, it is i) strictly bonded to the hosting server making SGX unusable when the live migration of cloud VMs/Containers is desirable, ii) limited in terms of usable memory, which is in contrast with resource-consuming data processing. In this paper, we propose the VIrtual Secure Enclave (VISE), an approach that effectively combines the two aforementioned techniques, to overcome their limitations and ultimately make them usable in a typical cloud setup. VISE moves the execution of sensitive HE primitives (e.g., encryption) to the cloud in a remotely attested SGX enclave, and then performs sensitive processing on HE data -outside the enclaveleveraging all the memory resources available. We demonstrate that VISE meets the challenging security and performance requirements of a substantial application in the Industrial Control Systems domain. Our experiments prove the practicability of the proposed solution.

show abstract

Section: Threat Modelmentioning

confidence: 99%