Security on Memory Deduplication
(of IaaS cloud Computing)

Kuniyasu Suzaki, Toshiki Yagi, Kengo Iijima, Nguyen Anh Quynh, Cyrille Artho
Research Center of Information Security
National Institute of Advanced Industrial Science and Technology
Memory Deduplication
• Technique to share pages that have the same content.
• Reduces consumption of physical memory.
   – It is very effective when the same guest OS runs on several VMs.

• On Virtual Machine Monitor
   – Disco [OSDI97] has Transparent Page Sharing
   – VMware ESX has Content-Based Page Sharing [SOSP02]
   – Xen has Satori [USENIX09] and Differential Engine [OSDI08]
• On Kernel
   – Linux has KSM (Kernel Samepage Merging) from 2.6.32 [LinuxSymp09]
      • Memory of process(es) is deduplicated
      • KVM uses this mechanism

[Figure: Guest Physical Memory of VM1, VM2, ... VM(n) mapped onto Real Physical Memory; identical guest pages share one real page]

Kuniyasu Suzaki USENIX Security 2010 Rump Session
Memory Deduplication strengthens OS
• Encourages translating from dynamic-link to self-contained binary,
  because memory redundancy is shrunk by deduplication.
   – It mitigates some security problems caused by logical sharing:
     Search Path Replacement Attack, GOT (Global Offset Table)
     overwrite attack, Dependency Hell, etc.
      • "Moving from Logical Sharing of Guest OS to Physical Sharing
        of Deduplication on Virtual Machine" [HotSec10] [USENIX
        Security10 Poster]

• In this rump session, I want to talk about
  "Memory Deduplication has security problems".
Memory Peeking between VMs
• When a write access is issued to a deduplicated page on a
  VM, a physical copy of the page is created (Copy-On-Write).
   – It causes a time difference between a deduplicated and a
     non-deduplicated page.
• An attacker VM detects the existence of a certain page on
  neighbor VMs.
• We developed methods of memory peeking on a VM.

• It is a kind of Cross-VM Side Channel Attack [CCS09]
   – [CCS09] used the CPU cache, which is shared by VMs
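A host-side check that follows from slides 2 and 4 (KSM is the in-kernel deduplication that KVM guests are subject to, and every merged page is one whose first write takes the copy-on-write path the peeking attack times). This is an added example, not code from the talk; it assumes a Linux host with KSM's documented sysfs files (run, pages_shared, pages_sharing, pages_unshared) and exercises them on a constructed lookalike tree with invented numbers.

```shell
#!/bin/sh
# Added example (not from the slides): audit Linux KSM state on a
# multi-tenant KVM host. KSM publishes its knobs and counters under
# /sys/kernel/mm/ksm (file names as documented since 2.6.32).

# Read one KSM sysfs value, or print "n/a" when the file does not exist.
ksm_read() {
    if [ -r "$1/$2" ]; then cat "$1/$2"; else echo "n/a"; fi
}

# Coerce a sysfs value to an integer; anything non-numeric becomes 0.
ksm_int() {
    case "$1" in
        ''|*[!0-9]*) echo 0 ;;
        *)           echo "$1" ;;
    esac
}

# Classify the deduplication state from the "run" knob:
#   0 = ksmd stopped, already-merged pages stay merged
#   1 = ksmd running and merging
#   2 = ksmd stopped and every merged page unmerged
ksm_state() {
    [ -d "$1" ] || { echo "absent"; return 0; }
    case "$(ksm_read "$1" run)" in
        0) echo "stopped" ;;
        1) echo "active" ;;
        2) echo "unmerged" ;;
        *) echo "unknown" ;;
    esac
}

# Guest-visible pages currently backed by a merged copy: pages_shared is
# the number of merged copies, pages_sharing the extra mappings onto them.
# Each such page is a copy-on-write candidate, i.e. one whose write timing
# differs from a private page.
ksm_merged_pages() {
    shared=$(ksm_int "$(ksm_read "$1" pages_shared)")
    sharing=$(ksm_int "$(ksm_read "$1" pages_sharing)")
    echo $((shared + sharing))
}

# One-line verdict for the operator of a multi-tenant host.
ksm_verdict() {
    state=$(ksm_state "$1")
    merged=$(ksm_merged_pages "$1")
    case "$state" in
        absent)   echo "KSM not present: no in-kernel deduplication" ;;
        active)   echo "KSM active: $merged pages merged across processes/VMs;" \
                       "'echo 2 > $1/run' stops ksmd and unmerges them" ;;
        stopped)  echo "KSM stopped but $merged pages remain merged;" \
                       "'echo 2 > $1/run' unmerges them" ;;
        unmerged) echo "KSM stopped and unmerged ($merged pages merged)" ;;
        *)        echo "KSM state unknown" ;;
    esac
}

# Constructed sysfs lookalike so the audit can run offline; the numbers
# are invented for the demo, not measurements from any host.
make_fake_ksm() {
    mkdir -p "$1"
    echo 1    > "$1/run"
    echo 1000 > "$1/pages_shared"
    echo 5000 > "$1/pages_sharing"
    echo 200  > "$1/pages_unshared"
}

# Demo: audit the constructed tree, then the real one if this host has it.
FAKE_KSM=$(mktemp -d)
make_fake_ksm "$FAKE_KSM"
ksm_verdict "$FAKE_KSM"
ksm_verdict /sys/kernel/mm/ksm
```

Guest RAM is only merged because QEMU marks it MADV_MERGEABLE, so a single guest can be opted out without stopping ksmd host-wide: libvirt's `<memoryBacking><nosharepages/></memoryBacking>` (QEMU `-machine mem-merge=off`).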
Problem for Attackers & us :-)
• Exact match of 4KB page
   – 4KB is too large
      • Attacker has to prepare the same 4KB page
      • Difficult for key exposure
• Attacker cannot decide which VM has the same page
  when many VMs run.
   – [CCS09] can decide which VM shares the cache.

• Threat Model is weak?
Should we use memory peeking for
defense on Multi-tenant Cloud Computing?
• Memory peeking does not require any penetration
  of a target VM. It only measures its own memory access.
• It can be used for
   – Detecting insecure applications on VMs.
   – Detecting illegal downloads.
      • Merit: It does not care about cryptographic communication.
   – Detecting …
Please tell me
• Strong Threat Model for memory deduplication (4KB)
• Practical usage of memory peeking for defense

• Contact:
   – E-mail: k.suzaki@aist.go.jp
   – Twitter: @KuniSuzaki
   – Slide: http://www.slideshare.net/suzaki