Furnace: Self-service Tenant VMI for the Cloud

  • Micah Bushouse
  • Douglas Reeves
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11050)

Abstract

Although Virtual Machine Introspection (VMI) tools are increasingly capable, modern multi-tenant cloud providers are hesitant to expose the sensitive hypervisor APIs necessary for tenants to use them. Outside the cloud, adoption rates of VMI and virtualization-based security are rising, and these techniques are increasingly considered necessary to counter sophisticated threats. This paper introduces Furnace, an open source VMI framework that outperforms prior frameworks by satisfying both a cloud provider’s expectation of security and a tenant’s desire to run their own custom VMI tools underneath their cloud VMs. Furnace’s flexibility and ease of use are demonstrated by porting four existing security and monitoring tools as Furnace VMI apps; these apps are shown to be resource efficient while executing up to 300x faster than those in previous VMI frameworks. Furnace’s security properties are shown to protect against the actions of malicious tenant apps.

Keywords

Cloud security · Virtual machine introspection · Sandboxing

Notes

Acknowledgement

We thank the anonymous reviewers, William Enck, Nathan Hicks, Luke Deshotels, and Isaac Polinsky for their comments.

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  1. North Carolina State University, Raleigh, USA