Journal in Computer Virology

, Volume 8, Issue 3, pp 85–97 | Cite as

On covert channels between virtual machines

Original Paper

Abstract

Virtualization technology has become very popular because of better hardware utilization and easy maintenance. However, there are chances for information leakage and possibilities of several covert channels for information flow between the virtual machines. Our work focuses on the experimental study of security threats in virtualization, especially due to covert channels and other forms of information leakage. The existence of data leakage during migration shutdown and destruction of virtual machines, is tested on different hypervisors. For empirically showing the possibility of covert channels between virtual machines, three new network based covert channels are hypothesized and demonstrated through implementation, on different hypervisors. One of the covert channels hypothesized is a TCP/IP steganography based covert channel. Other covert channels are a timing covert channel and a new network covert channel having two pairs of socket programs. We propose a VMM (Virtual Machine Monitor) based network covert channel avoidance mechanism, tackling detection resistant covert channel problems. We also address issue of reducing the possibilities of network based covert channels using VMM-level firewalls. In order to emphasize the importance of addressing the issue of information leakage through virtual machines, we illustrate the simplicity of launching network covert channel based attacks, by demonstrating an attack on a virtual machine using covert channels through implementation.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    3-way handshake. http://www.3wayhandshake.com. Accessed 10 Nov 2010
  2. 2.
    ATA over Ethernet. http://en.wikipedia.org/wiki/ATA_over_Ethernet. Accessed 10 Nov 2010
  3. 3.
    Cheng, G., Jin, H., Zou, D., Ohoussou, A., Zhao, F.: A prioritized chinese wall model for managing the covert information flows in virtual machine systems. In: ICYCS 2008. The 9th International Conference for Young Computer Scientists, pp. 1481–1487. IEEE, New York (2008)Google Scholar
  4. 4.
    Clark, C., Fraser, K., Hand, S., Hansen, J., Jul, E., Limpach, C., Pratt, I., Warfield, A.: Live migration of virtual machines. In: Proceedings of the 2nd Conference on Symposium on Networked Systems Design and Implementation, vol. 2, pp. 273–286. USENIX Association, Boston (2005)Google Scholar
  5. 5.
    Full-virtualization. http://en.wikipedia.org/wiki/Full_virtualization. Accessed 10 Nov 2010
  6. 6.
    Gligor, V.: a guide to understanding covert channel analysis of trusted systems. National Computer Security Center, Ft. George G. Meade, MD, Tech. Rep. NCSC-TG-030 (1993)Google Scholar
  7. 7.
    Golden, B.: Virtualization for dummies. For Dummies (2007)Google Scholar
  8. 8.
    Jaeger, T., Sailer, R., Sreenivasan, Y.: Managing the risk of covert information flows in virtual machine systems. In: Proceedings of the 12th ACM Symposium on Access Control Models and Technologies, pp. 81–90. ACM, New York (2007)Google Scholar
  9. 9.
    Ju S., Song X.: On the Formal Characterization of Covert Channel, pp. 155–160. Content Computing. Springer, Berlin (2004)Google Scholar
  10. 10.
    Mevag, I.: Towards automatic management and live migration of virtual machines. Master’s thesis, University of Oslo, Oslo University College (UiO/HiO), Oslo, Norway (2007)Google Scholar
  11. 11.
    Murdoch, S.: Covert channel vulnerabilities in anonymity systems. http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-706.pdf (2007). Accessed 10 Nov 2010
  12. 12.
    Murdoch S., Lewis S.: Embedding covert channels into TCP/IP. In: Information Hiding, pp. 247–261. Springer, Berlin (2005)Google Scholar
  13. 13.
    Oberheide, J., Cooke, E., Jahanian, F.: Empirical exploitation of live virtual machine migration. In: Proceedings of BlackHat DC Convention (2008)Google Scholar
  14. 14.
    Okamura, K., Oyama, Y.: Load-based covert channels between Xen virtual machines. In: Proceedings of the 2010 ACM Symposium on Applied Computing, pp. 173–180. ACM, New York (2010)Google Scholar
  15. 15.
    Paravirtualization. http://en.wikipedia.org/wiki/Paravirtualization. Accessed 10 Nov 2010
  16. 16.
    Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, You, get off of my cloud: exploring information leakage in third-party compute clouds. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 199–212. ACM, New York (2009)Google Scholar
  17. 17.
    Rosenblum M., Garfinkel T.: Virtual machine monitors: current technology and future trends. Computer 38(5), 39–47 (2005)CrossRefGoogle Scholar
  18. 18.
    Rredhat virtualization guide. http://www.centos.org/docs/5/html/5.1/pdf/Virtualization.pdf. Accessed 10 Nov 2010
  19. 19.
    Rutkowska, J.: The implementation of passive covert channels in the Linux kernel. http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.102.9319&rep=rep1&type=pdf (2004). Accessed 10 Nov 2010
  20. 20.
    Salaün, M.: Practical Overview of a Xen Covert Channel, pp. 1–12. Springer, Berlin (2009) (J. Comput. Virol.)Google Scholar
  21. 21.
    Shalini, K.: Managing covert information leaks in Xen virtual machine. M.Tech thesis, National Institute of Technology, Calicut, India (2010)Google Scholar
  22. 22.
    TCP sequence prediction attack. http://en.wikipedia.org/wiki/TCP_Sequence_Prediction_Attack. Accessed 10 Nov 2010
  23. 23.
    Transmission Control Protocol. http://en.wikipedia.org/wiki/Transmission_Control_Protocol. Accessed 10 Nov 2010
  24. 24.
    Tumoian, E., Anikeev, M.: Detecting NUSHU covert channels using neural networks (2005)Google Scholar
  25. 25.
    Virtualization Security Survey. http://www.prismmicrosys.com/documents/VirtualizationSecuritySurvey2010.pdf (2010). Accessed 10 Nov 2010
  26. 26.
    Wang, W., Zhang, Y., Lin, B., Wu, X., Miao, K.: Secured and reliable VM migration in personal cloud. In: 2nd International Conference on Computer Engineering and Technology (ICCET), vol. 1, pp. V1–705. IEEE, New York (2010)Google Scholar

Copyright information

© Springer-Verlag France 2012

Authors and Affiliations

  • P. Ranjith
    • 1
  • Chandran Priya
    • 1
  • Kaleeswaran Shalini
    • 1
  1. 1.Department of Computer Science and EngineeringNational Institute of Technology CalicutCalicutIndia

Personalised recommendations