XPDS14 - Zero-Footprint Guest Memory Introspection from Xen - Mihai Dontu, Bitdefender and Ravi Sahita, Intel

This presentation will detail a practical approach to memory introspection of virtual machines running on the Xen hypervisor with no in-guest footprint. The functionality makes use of the mem-event API with a number of improvements which enable the proper tracking of guest OS activity. The technology created on top of this Xen API opens the door for several immediate applications, including: rootkit detection and prevention, detection and action on several categories of malware, and event source information for low-level post-event forensics and correlation based on real event data during events.


  1. Zero-Footprint Guest Memory Introspection from Xen
     www.bitdefender.com 8/25/2014
     Xen Project DEVELOPER SUMMIT, August 18th, 2014
     Mihai DONȚU – Technical Project Manager, Bitdefender
     Ravi SAHITA – Principal Engineer, Intel
     Improving VM Introspection Using Hardware Virtualization Extensions
  2. Outline
     • Security issues
     • Memory introspection
       o Operation
       o Evolution
     • XenAccess and mem-events enhancements
     • Sample usages
     • Hardware Acceleration for memory introspection
     • Conclusions
  3. Security issues we are facing today
     • Advanced malware types
       o Rootkits
       o Kernel exploits
       o Zero-days
     • APTs, botnets, cyber-espionage and so on heavily rely on those…
  4. Security issues we are facing today (2)
     [Slide image only]
  5. Security issues we are facing today (3)
     Malware today executes in the same context and with the same privileges as anti-malware software: a lack-of-isolation problem.
     [Diagram: Common Malware vs Advanced Malware. Both stacks contain App1 (Office), App2 (Browser), Security Solution, Security Filter, Drivers and the OS Kernel. With common malware the isolation is kernel controlled; with advanced malware the isolation is bypassed and malware controlled.]
  6. Conclusion: advanced attacks evade traditional security solutions
  7. Envision the big picture
     so… what's the big difference?...
     [Diagram: Xen Hypervisor hosting dom0, the SVA (domU0) running the Memory Introspection Engine, and domU1, domU2 … domUN as the protected area.]
  8. Memory introspection: Envision the big picture
     [Diagram: Xen Hypervisor hosting dom0, the SVA (domU0) running the Memory Introspection Engine, and domU1, domU2 … domUN as the protected area. The SVA is separated by hypervisor controlled, hardware enforced STRONG ISOLATION. Introspection Engine Alternative 2 and Alternative 3 placements are also shown.]
  9. What is memory introspection? Envision the big picture
     • Address a number of security issues from outside the guest OS without relying on functionality that can be rendered unreliable by advanced malware
     • Analyze the raw memory image of the guest OS, services and user mode applications, then identify
       o kernel memory areas
         – driver objects, driver code, IDT, etc.
       o user memory areas
         – process code, process stack, process heap, etc.
  10. How does it work? Memory introspection
     • Use existing hardware virtualization extensions (Intel EPT / AMD RVI)
     • Set hooks on guest OS memory
       o mark 4K pages as non-execute or non-writable
       o hooking & notification must be supported efficiently by HV & CPU
     • Audit access of those areas by the code running in the VM (OS or apps)
       o write attempts (driver objects, fast I/O tables, page tables)
       o execution attempts
     • Allow or deny attempts – decision provided by security logic
  11. How does it work? (2) Memory introspection
     • EPT protected areas provide detection for various OS level changes (ex. new module load, new process start, …)
     • EPT protected areas provide detection of attempts and protection against integrity violation
     [Diagram: Guest VM physical memory space, divided into OS kernel code; kernel driver code and data; kernel data (SSDT, IDT, …); user mode code; user mode stacks & heaps.]
  12. How does it work? (3) Memory introspection
     • Building a reliable image of the guest OS state
       o what objects are inside a guest VM?
       o what operations are being performed inside a guest VM?
       o object and event identification and correlation is done by the introspection engine – to decide event and object maliciousness
     • Using hooks we can detect numerous events, including
       o a driver / kernel module is loaded or unloaded
       o a new user process or thread is created
       o user stack / heap is allocated
       o memory is being paged in / out
  13. How does it work? (4) Memory introspection
     [Diagram comparing the two models.]
     • Traditional in-guest security solution: a typical anti-malware kernel module inside the OS kernel reads memory by virtual address, reads files, registry, …; enumerates processes, files, …; sets up well-known callbacks & notifications (e.g. new process PID 0x1234, HKLM...).
     • Out-of-guest memory introspection: the Memory Introspection Engine, via the XEN Hypervisor, reads memory by physical address and reads vCPU registers; sets up EPT hooks on memory pages (by physical address); receives events such as "Write / Execute attempt on PA 0x000A12345678, RAX = 0x1234, RIP = 0x7890".
  14. Two big challenges: Memory introspection
     • bridging the semantic gap – obtain rich semantics from only raw physical memory pages and virtual CPU registers
       o how do we correlate 4K memory pages with semantically rich and meaningful OS specific data structures?
       o to be solved by security solution vendors
     • forward lots of mem-event notifications with low overhead to the introspection engine
       o to be solved by hypervisor and CPU vendors
  15. Memory introspection evolution
     • 2003 – Garfinkel & Rosenblum: "A Virtual Machine Introspection Based Architecture for Intrusion Detection"
       o the starting point for a considerable amount of academic research
     • 2006 – Jiang & Wang: "'Out-of-the-box' Monitoring of VM-based High-Interaction Honeypots"
     • 2008 – Dinaburg et al.: "Ether: Malware Analysis via Hardware Virtualization Extensions"
       o built on top of Xen 3.1
     • 2008 – VMsafe API announced by VMware, which provides access to a guest's:
       o CPU, memory, disk, I/O devices etc.
       o supported memory introspection for vSphere / ESXi
     • 2010 – VMware vShield Endpoint (as a replacement for the VMsafe API)
       o in-guest agent based
       o file introspection only
     • 2012 – VMware deprecates VMsafe
  16. Memory introspection in Xen
     • 2007 – XenAccess, XenProbes
     • 2008 – Lares
     • 2009 – first patches for the mem-events API
     • 2010 – LibVMI – uses XenAccess and XenStore
       o targets Xen, but support for other HV-s can be added
       o insufficient flexibility in changing page permissions
       o no support for mapping guest memory RW
       o insufficient information about the guest CPUs
       o high overhead when reading the vCPU register state
       o a 'complete' initialization requires intimate knowledge about the guest OS
       o code for handling specific guest OS-s (Windows, with Linux in the works)
  17. XenAccess and mem-events enhancements
     • 2014 – Bitdefender published a set of patches (as RFC) to enhance the mem-events API
       o implements its own version of LibVMI
       o simpler API
       o nothing [guest] OS specific
       o support for other HV-s can be added
       o allows mapping guest memory (via EPT)
       o uses a very simple page cache to optimize (un)maps
       o optimized access to specific resources
     • Some patches went into mainline, others will follow shortly
  18. XenAccess and mem-events enhancements (2)
     [Diagram: the Xen Hypervisor delivers a mem-event notification about domU1 to the Memory Introspection Engine running in the SVA (domU0). The notification carries fields such as:]
       uint32_t flags;
       uint32_t vcpu_id;
       uint64_t gfn;
       …
       mem_event_regs_t regs;
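The allow/deny decision that slides 10-13 describe, fed by a notification shaped like the mem-event fields on slide 18, as an added example that is not code from the slides or from Xen. The flag encoding, page classes, GFNs and register values are constructed sample data, not real Xen structures or guest state.

```c
/* Added example (not from the slides or from Xen): an out-of-guest policy
 * check of the kind slides 10-13 describe, fed by a notification shaped like
 * the mem-event fields on slide 18. Flag encoding, page classes, GFNs and
 * register values are constructed sample data, not real Xen structures. */
#include <stddef.h>
#include <stdint.h>

#define EV_READ  0x1u   /* hypothetical access-type flags */
#define EV_WRITE 0x2u
#define EV_EXEC  0x4u

enum page_class { PG_KERNEL_CODE, PG_DRIVER_OBJECT, PG_IDT,
                  PG_USER_STACK, PG_USER_HEAP, PG_UNPROTECTED };
enum verdict { ALLOW = 0, DENY = 1 };

typedef struct { uint64_t rip, rax; } regs_t;   /* subset of the vCPU state */
typedef struct { uint32_t flags, vcpu_id; uint64_t gfn; regs_t regs; } mem_event_t;

/* A hooked 4K page and the semantic class the engine assigned to it after
 * bridging the semantic gap (constructed table). */
typedef struct { uint64_t gfn; enum page_class cls; } protected_page_t;
static const protected_page_t protected_pages[] = {
    { 0x1000, PG_KERNEL_CODE }, { 0x2000, PG_DRIVER_OBJECT }, { 0x3000, PG_IDT },
    { 0x7000, PG_USER_STACK },  { 0x8000, PG_USER_HEAP },
};

static enum page_class classify(uint64_t gfn) {
    for (size_t i = 0; i < sizeof protected_pages / sizeof protected_pages[0]; i++)
        if (protected_pages[i].gfn == gfn) return protected_pages[i].cls;
    return PG_UNPROTECTED;
}

/* Integrity pages (kernel code, driver objects, IDT) are hooked non-writable;
 * data pages (stacks, heaps) are hooked non-executable. Reads are never
 * hooked, and an event for an unhooked page would not have been raised. */
enum verdict introspect_decide(const mem_event_t *ev) {
    enum page_class cls = classify(ev->gfn);
    if (cls == PG_UNPROTECTED || !(ev->flags & (EV_WRITE | EV_EXEC))) return ALLOW;
    switch (cls) {
    case PG_KERNEL_CODE: case PG_DRIVER_OBJECT: case PG_IDT:
        return (ev->flags & EV_WRITE) ? DENY : ALLOW;   /* rootkit-style hooking */
    case PG_USER_STACK: case PG_USER_HEAP:
        return (ev->flags & EV_EXEC) ? DENY : ALLOW;    /* code run from data */
    default: return ALLOW;
    }
}
```

The engine would answer the hypervisor with the verdict, which is what turns detection of an attempt into protection against it (slide 11).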
  19. Example use of the extended API
     [Diagram: Xen Hypervisor hosting dom0 and the SVA (domU0) with the Memory Introspection Engine. Protected areas in the guest: Critical Kernel Modules, App1, App2, … (code, stacks, heaps, IAT, …). Mem-events and VMCALLs are facilitated by XEN.]
  20. Example use of the extended API (2)
     • Bitdefender's own introspection engine can
       o protect the kernel from known rootkit hooking techniques
       o protect user processes (e.g. browsers, MS Office, Adobe Reader, …) from
         – code injection
         – function detouring
         – code execution from stack / heap
         – unpacked malicious code
       o inject remediation tools into the guest on-the-fly (no help from 'within' needed)
     • Runs in userspace in a user domain (SVA – Security Virtual Appliance)
     • Introspection logic has very small overhead
       o bulk of the overhead is given by sending / receiving events and calls between protected guest VMs and SVA
  21. Hardware Acceleration for Memory Introspection
     Ravi Sahita, Intel
  22. Hardware Acceleration for Memory Introspection
     • Factors Limiting VM Memory Monitoring Performance
     • Addressing Lack of Memory Isolation
     • Addressing Performance gaps for execution and data access-control policies
     • Xen Extensions
  23. Factors Limiting VM Memory Monitoring Performance
     • Round-trip time
       – Monitoring execution and data accesses
       – Dynamic data structures imply high frequency events
     • Filtering events
       – Monitoring data accesses requires filtering non-interesting events due to 4K page sharing
     • Further, round-trip time is amplified with VMMs nesting
  24. Multiple EPTs as Protection Domains
     [Diagram: CPU0 (Intel® VT-x with EPT) running the Hypervisor and VM0; Extended Page Table (EPT) domains; the EPT walker resolves the host physical address; execution crossing EPT domains or data accesses cause events. Two views of the same memory: OS kernel code/data (RX/RW), Driver Code (RX), Data (RW) in one domain; Driver Code (RO), OS kernel code/data (RO/NP), Data (NP) in the other.]
     Intel® Virtualization Technology for IA-32, Intel® 64 and Intel® Architecture (Intel® VT-x)
  25. Addressing Lack of Isolation…
     [Diagram: Xen; EPT domains; policy; events; CPU; hypervisor-derived isolation.]
  26. …Without Sacrificing Performance
     • Must allow for legal execution of components isolated in permission domains
     • Each execution transfer across domains leads to VM exits that the hypervisor must mediate
     • As components are isolated via domains, numerous execution transfers are induced
     • High frequency of such VM exits to the hypervisor causes overhead
     [Diagram: kernel modules, a security module and a process exchanging legal control transfers above the hypervisor. Goal: eliminate the induced VM exits on legal control transfers.]
  27. VM Functions: Hypercalls Without VM Exits
     • VM Functions: Intel® VT-x extensions for services configured by the hypervisor
       – Different VM Functions correspond to different services
     • Hypervisor configures VM Functions via new fields in the VMCS
     • Guest software invokes VM Functions via a new instruction (VMFUNC <leaf>)
       – Value in EAX specifies which VM Function leaf is invoked
     • CPU provides services as configured with no VM exit
  28. VMFUNC-based Domain Switching
     • Paravirtualized software can request a protection domain switch via VMFUNC (specifying the domain index)
     • Hypervisor pre-configures domain index to EPTPs
     • Hypervisor pre-configures domain boundaries
     • View switching to speed up access control policies
     [Diagram: CPU0 (Intel® VT-x with EPT) running the Hypervisor and VM0; EPT domains; VMFUNC (EPTP switch) selects from the alternate Extended Page Table (EPT) list; the EPT walker resolves the host physical address.]
  29. Asynchronous Induced VM Exits
     • In VM-introspection scenarios critical data is monitored in place
     • Legacy approaches are to VMExit and emulate the access
     • Alternatively, VMExit and switch views to single step the guest (MTF)
     • High frequency of writes to monitored data causes high overhead
     • Requires custom logic in the VMM, increasing complexity/state in the hypervisor
     [Diagram: a ring-0 monitoring agent in the guest kernel; a WRITE to monitored memory. Hypervisor side: EPT domains, access policy, emulation. Flow: 1. view policies; 2. EPT-V VMexit; 3. VMResume to single step the access (single step memory view); 4. VMexit after the access completed; 5. VMResume.]
  30. Accelerating Induced Events Via Virtualization Exception (#VE)
     • Mutates EPT violations into a new IA exception, delivered through the guest IDT
     • VMM enables EPT violation conversion to #VE
     • Data access monitoring view policies are set up in EPT domains
     • Data access causes #VE instead of a VMexit
     • Guest monitoring agent can emulate in guest OR use VMFUNC to single step the access
     [Diagram: Hypervisor (VMX-root) holds the access policy and EPT domains (1. policies). Kernel (VMX-non-root): a WRITE to monitored memory raises #VE with #VE info; the monitoring service 1. handles #VE, 2. sets up single step or emulates (VMFUNC into the single step memory view), 3. completes the single step or emulates in guest (VMFUNC back).]
  31. VMFUNC Configuration
     • Hypervisor checks the IA32_VMX_VMFUNC MSR for allowed VM-Function controls
     • Opts in by setting "Enable VM functions" in the secondary processor-based VM-execution controls field
     • Activates "EPTP switching" by setting bit 0 in the VM Function Control
     • Configures alternate EPTP values in memory referenced via a VMCS field
     • Guest software uses the VMFUNC opcode with leaf selector EAX=0 and ECX containing the index of the EPTP (view) selected
     • Errors reported to the hypervisor via VM Exits
     [Diagram: IA32_VMX_VMFUNC MSR (index 491H); secondary processor-based VM-execution controls with "Enable VM functions" (bit 13); VM Function Control (new, in VMCS) with "EPTP switching" (bit 0); EPTP-list address (new, in VMCS) pointing at the in-memory list of alternate EPTPs, entries 0 … 511.]
  32. Virtualization Exception (#VE) Configuration
     • Enumerated by the VMM via capability MSR
     • Set the VMCS "Enable VE" bit
     • Negotiate the "VE Info" page with the hypervisor
     • #VE delivered through the guest IDT
     • Suppress VE EPTE bit 63 – set on pages the VMM does not want to cause a #VE for
     [Diagram: IA32_VMX_PROCBASED_CTLS2 MSR (48Bh), bit 50; secondary processor-based VM-execution controls with "Enable VE" (bit 18); VE Information Address (new, in VMCS) pointing at the in-memory VE information page: Exit Reason, Suppress, Exit Qualification, Guest Linear Address, Guest Physical Address, EPTP Index.]
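The control bits slides 27-32 name, and the #VE information area a guest monitoring agent reads, as an added example that is not code from the slides, from Xen or from Intel. Bit positions and the #VE area layout are the Intel SDM definitions the slides cite; the helper functions, their names and the sample MSR values are assumptions made here for illustration, and the host is assumed little-endian as on x86.

```c
/* Added example (not from the slides, Xen or Intel): packing the VMX control
 * bits named on slides 27-32 and decoding a #VE information area. Bit numbers
 * and the #VE area layout follow the Intel SDM the slides refer to; the helper
 * functions and the sample values are constructed for illustration. */
#include <stdint.h>
#include <string.h>

#define SEC_CTL_ENABLE_VM_FUNCTIONS (1u << 13)    /* slide 31 */
#define SEC_CTL_ENABLE_VE           (1u << 18)    /* slide 32 */
#define VMFUNC_CTL_EPTP_SWITCHING   (1ull << 0)   /* slide 31 */
#define EPTE_SUPPRESS_VE            (1ull << 63)  /* slide 32 */
#define EPTP_LIST_ENTRIES           512u          /* alternate EPTPs 0..511 */
#define VMFUNC_LEAF_EPTP_SWITCH     0u            /* EAX = 0 */

/* "Allowed-1" settings sit in the high half of IA32_VMX_PROCBASED_CTLS2
 * (slide 32's bit 50 is 32 + 18). MSR values are passed in by the caller. */
static int cap_allows(uint64_t m, uint32_t b) { return ((m >> 32) & b) != 0; }

/* Secondary controls for the opt-in on slides 31-32, granted only when both
 * features are enumerated; 0 means fall back to VM-exit based monitoring. */
uint32_t acceleration_controls(uint64_t msr_ctls2, uint64_t msr_vmfunc) {
    if (!cap_allows(msr_ctls2, SEC_CTL_ENABLE_VM_FUNCTIONS) ||
        !cap_allows(msr_ctls2, SEC_CTL_ENABLE_VE) ||
        !(msr_vmfunc & VMFUNC_CTL_EPTP_SWITCHING))
        return 0;
    return SEC_CTL_ENABLE_VM_FUNCTIONS | SEC_CTL_ENABLE_VE;
}

/* The register contract for an EPTP switch: an out-of-range ECX index is
 * one of the errors the CPU reports to the hypervisor via a VM exit. */
int vmfunc_eptp_switch_args_valid(uint32_t eax, uint32_t ecx) {
    return eax == VMFUNC_LEAF_EPTP_SWITCH && ecx < EPTP_LIST_ENTRIES;
}

/* An EPT violation on an EPTE with bit 63 set exits to the VMM, not #VE. */
int epte_delivers_ve(uint64_t epte) { return (epte & EPTE_SUPPRESS_VE) == 0; }

/* #VE information area: exit reason, busy marker (FFFFFFFFh while a #VE is
 * being handled, which is when the CPU falls back to a VM exit), exit
 * qualification, guest linear and physical address, active EPT view index. */
typedef struct { uint32_t exit_reason, busy; uint64_t exit_qual, gla, gpa;
                 uint16_t eptp_index; } ve_info_t;
int parse_ve_info(const uint8_t *area, ve_info_t *out) {
    memcpy(&out->exit_reason, area, 4);      memcpy(&out->busy, area + 4, 4);
    memcpy(&out->exit_qual, area + 8, 8);    memcpy(&out->gla, area + 16, 8);
    memcpy(&out->gpa, area + 24, 8);         memcpy(&out->eptp_index, area + 32, 2);
    return out->exit_reason == 48;           /* basic exit reason 48: EPT violation */
}
```

A guest agent that reads `busy` as FFFFFFFFh on entry must clear it after handling, otherwise the next violation on a monitored page takes the slow VM-exit path of slide 29.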
  33. Xen Extensions
     1. Efficiently creating and maintaining alternate EPT views/domains via extension of p2m
     2. Hypercalls to edit EPT permissions without conflicting with Xen EPT management
     3. Report guest-specific memory events via #VE in a Xen compatible manner (Suppress #VE EPTE bit)
     4. Enabling CPU acceleration if VMFUNC and #VE are CPU enumerated and opted in
     [Diagram: Xen Hypervisor; domU0 and domUN each run a Security Engine over their own EPT domains; the CPU delivers #VE to each guest.]
  34. VM Introspection Performance Improvements
     • Round-trip time
       – VMFUNC to allow safe, fast Memory View (EPT) switches
       – VMexits mutated to #VE for guest memory monitoring
     • Filtering events
       – Reduced latency of #VE event handling reduces the overhead of filtering events
     • Round-trip time amplification due to VMM nesting
       – No VMexits to the root VMM implies no amplification of VMexits due to EPT violations
     • Scalable Runtime Memory Introspection w/o VT overheads
  35. Conclusions
     • Today Xen can be the base for providing a much improved layer of security – serves as a model for other HV vendors
       o Truly agentless security (zero in-guest footprint)
       o IT Admins can deploy introspection based solutions seamlessly, without changing a single line of config inside the guest VMs
     • Hardware enforced isolation (against kernel exploits, zero days, …)
     • Hardware extensions enable intra-VM isolation to enable protected agent based introspection for high frequency access monitoring and agent isolation
     • Both models require straight-forward Xen infrastructure changes (multi-EPT views, hardware acceleration capabilities)
  36. Thank you!
     enterprise.bitdefender.com