Title :
Return-Oriented Programming Attack on the Xen Hypervisor
Author :
Ding, Baozeng ; Wu, Yanjun ; He, Yeping ; Tian, Shuo ; Guan, Bei ; Wu, Guowei
Author_Institution :
Inst. of Software, Beijing, China
Abstract :
In this paper, we present an approach to attack on the Xen hypervisor utilizing return-oriented programming (ROP). It modifies the data in the hypervisor that controls whether a VM is privileged or not and thus can escalate the privilege of an unprivileged domain (domU) at run time. As ROP technique makes use of existed code to implement attack, not modifying or injecting any code, it can bypass the integrity protections that base on code measurement. By constructing such kind of attack at the virtualization layer, it can motivate further research work towards preventing or detecting ROP attack on the hypervisor.
Keywords :
data integrity; security of data; virtual machines; ROP; ROP technique; VM; Xen hypervisor; code measurement; domU; integrity protections; return-oriented programming attack; unprivileged domain; virtualization layer; Kernel; Payloads; Programming; Registers; Security; Virtual machine monitors; Return-oriented programming; hypervisor; privilege escalation; security;
Conference_Titel :
Availability, Reliability and Security (ARES), 2012 Seventh International Conference on
Conference_Location :
Prague
Print_ISBN :
978-1-4673-2244-7
DOI :
10.1109/ARES.2012.16
