Title :
Security implications of memory deduplication in a virtualized environment
Author :
Jidong Xiao ; Zhang Xu ; Hai Huang ; Haining Wang
Author_Institution :
Coll. of William & Mary, Williamsburg, VA, USA
Abstract :
Memory deduplication has been widely used in various commodity hypervisors. By merging identical memory contents, it allows more virtual machines to run concurrently on top of a hypervisor. However, while this technique improves memory efficiency, it has a large impact on system security. In particular, memory deduplication is usually implemented using a variant of copy-on-write techniques, for which, writing to a shared page would incur a longer access time than those non-shared. In this paper, we investigate the security implication of memory deduplication from the perspectives of both attackers and defenders. On one hand, using the artifact above, we demonstrate two new attacks to create a covert channel and detect virtualization, respectively. On the other hand, we also show that memory deduplication can be leveraged to safeguard Linux kernel integrity.
Keywords :
Linux; concurrency control; merging; paged storage; security of data; storage management; supervisory programs; virtual machines; virtualisation; Linux kernel integrity; access time; commodity hypervisors; concurrent virtual machines; copy-on-write techniques; identical memory content merging; memory deduplication; memory efficiency improvement; security implications; shared page writing; system security; virtualization detection; virtualized environment; Linux; Virtual machine monitors;
Conference_Titel :
Dependable Systems and Networks (DSN), 2013 43rd Annual IEEE/IFIP International Conference on
Conference_Location :
Budapest
Print_ISBN :
978-1-4673-6471-3
DOI :
10.1109/DSN.2013.6575349
