Использование аппаратной виртуализации в контексте информационной безопасности

Статья посвящена возможностям использования аппаратной виртуализации для решения различных задач информационной безопасности. Предлагается обзор подходов к повышению безопасности программных систем, основанных на использовании виртуализации. Также приводится обзор возможных сценариев использования виртуализации злоумышленниками. Указываются области применения и ограничения существующих решений и дальнейшие перспективы развития рассматриваемой области

информационная безопасность, виртуализация, гипервизор

1. Липаев В.В. Методы обеспечения качества крупномасштабных программных средств. М.: СИНТЕГ, 2003. 520 с.

2. T. Garfinkel. Traps and Pitfalls: Practical Problems in System Call Interposition Based Security Tools. // Proc. of the Internet Society's 2003 Symposium on Network and Distributed System Security. 2003. Pp. 163-176.

3. G.J. Popek, R.P. Goldberg. Formal Requirements for Virtualizable Third Generation Architectures. // Communications of the ACM, Volume 17, Issue 7, July 1974, pp. 412-421.

4. Касперски К. Аппаратная виртуализация или эмуляция "без тормозов". // InsidePro, 2007. [HTML] http://www.insidepro.com/kk/159/159r.shtml

5. A. Dinaburg, P. Royal, M. Sharif, W. Lee. Ether: Malware Analysis via Hardware Virtualization Extensions. // Proc. of the 15th ACM conference on Computer and communications security. 2008. Pp. 51-62.

6. S. Krishnan, K.Z. Snow, F. Monrose. Trail of bytes: efficient support for forensic analysis. // Proc. of the 17th ACM conference on Computer and communications security. 2010. Pp. 50-60.

7. T. Garfinkel, M. Rosenblum. A Virtual Machine Introspection Based Architecture for Intrusion Detection. // Proc. of the Symposium on Network and Distributed System Security (NDSS'03). 2003. [PDF] http://suif.stanford.edu/papers/vmi-ndss03.pdf

8. X. Jiang, X. Wang, D. Xu. Stealthy Malware Detection Through VMM-Based “Out-of-the-Box” Semantic View Reconstruction. // Proc. of the 14th ACM conference on Computer and communications security. 2007. Pp. 128-138.

9. New VMware VMsafe Technology Allows the Virtual Datacenter to Be More Secure Than Physical Environments. // Press release. 2007. [HTML] http://www.vmware.com/company/news/releases/vmsafe_vmworld.html

10. Intel Trusted Execution Technology Architectural Overview. // Intel White Paper. 2008. [PDF] http://www.intel.com/technology/security/downloads/arch-overview.pdf

11. G. Strongin. Trusted Computing Using AMD «Pacifica» and «Precidio» Secure Virtual Machine Technology. // Information Security Technical Report. 2005. Volume 10, Issue 2, pp. 120-132.

12. R. Wojtczuk, J. Rutkowska, A.Tereshkin. Another Way to Circumvent Intel Trusted Execution Technology. // Invisible Things Lab. December, 2009. [PDF] http://invisiblethingslab.com/resources/misc09/Another%20TXT%20Attack.pdf

13. R. Wojtczuk, J. Rutkowska. Attacking Intel Trusted Execution Technology. // Black Hat DC 2009. [PDF] http://invisiblethingslab.com/resources/bh09dc/Attacking%20Intel%20TXT%20-%20paper.pdf

14. S. Embleton, S. Sparks, C. Zou. SMM Rootkits: A New Breed of OS Independent Malware. // Proc. of the 4th international conference on Security and privacy in communication networks. Istanbul, Turkey, 2008. Article #11, pp. 1-12.

15. R. Wojtczuk, A. Tereshkin. Attacking Intel BIOS. // Black Hat USA 2009. [PDF] http://invisiblethingslab.com/resources/bh09usa/Attacking%20Intel%20BIOS.pdf

16. R. Wojtczuk, A. Tereshkin. Introducing Ring -3 Rootkits. // Black Hat USA 2009. [PDF] http://invisiblethingslab.com/resources/bh09usa/Ring%20-3%20Rootkits.pdf

17. J. Rutkowska. Subverting Vista Kernel For Fun And Profit. // Black Hat USA 2006. [PDF] http://www.blackhat.com/presentations/bh-usa-06/BH-US-06-Rutkowska.pdf

18. S.T. King, P.M. Chen, Y.M. Wang, C. Verbowski, H.J. Wang, J.R. Lorch. SubVirt: Implementing malware with virtual machines. // Proc. of the 2006 IEEE Symposium on Security and Privacy. 2006. Pp. 314–327.

19. A. Liguori. Debunking Blue Pill myth. // Interview to Virtualization.info. August, 2006. [HTML] http://virtualization.info/en/news/2006/08/debunking-blue-pill-myth.html

20. T. Garfinkel, K. Adams, A. Warfield, J. Franklin. Compatibility is Not Transparency: VMM Detection Myths and Realities. // 11th Workshop on Hot Topics in Operating Systems (HotOS-XI), 2007. [PDF] http://www.stanford.edu/~talg/papers/HOTOS07/vmm-detection-hotos07.pdf

21. S.E. Madnick, J.J. Donovan. Application and analysis of the virtual machine approach to information system security and isolation. // Proc. of the workshop on virtual computer systems. ACM, 1973, pp. 210-224.

22. C.R. Attanasio, P. W. Markstein, Ray J. Phillips. Penetrating an Operating System: A Study of VM/370 Integrity. // IBM Systems Journal, Volume 15, 1976. Pp. 102-116.

23. И.Б. Бурдонов, А.С. Косачев, В.В. Кулямин. Безопасность, верификация и теория конформности. // Материалы Второй международной научной конференции по проблемам безопасности и противодействия терроризму. Москва, МНЦМО, 2007. С. 135-159.

24. P.A. Karger, T.J. Watson. Is Your Virtual Machine Monitor Secure? // Materials of Third Asia-Pacific Trusted Infrastructure Technologies Conference, 2008. Pp. 5-5.

25. T. Garfinkel, M. Rosenblum. When Virtual is Harder than Real: Security Challenges in Virtual Machine Based Computing Environments. // 10th Workshop on Hot Topics in Operating Systems (HotOS-X), 2005. [PDF] http://www.stanford.edu/~talg/papers/HOTOS05/virtual-harder-hotos05.pdf

26. J. Rutkowska. Security Challenges in Virtualized Environments. // RSA Conference, 2008. [PDF] http://www.invisiblethingslab.com/resources/rsa08/Security%20Challanges%20in%20Virtualized%20Enviroments%20-%20RSA2008.pdf

27. R. Wojtczuk. Subverting the Xen Рypervisor. // Black Hat USA 2008. [PDF] http://invisiblethingslab.com/resources/misc08/xenfb-adventures-10.pdf

28. X. Chen, T. Garfinkel, E.C. Lewis, P. Subrahmanyam, C.A. Waldspurger, D. Boneh, J. Dwoskin, D.R.K. Ports. Overshadow: A Virtualization-Based Approach to Retrofitting Protection in Commodity Operating Systems. // Proc. of the 13th international conference on Architectural support for programming languages and operating systems (ASPLOS XIII). 2008. Pp. 2-13.

29. Яковенко П.Н. Прозрачный механизм удаленного обслуживания системных вызовов. // Труды Института системного программирования РАН. Том 18. 2010. С. 221-241.

30. I. Burdonov, A. Kosachev, P. Iakovenko. Virtualization-Based Separation of Privilege: Working With Sensitive Data In Untrusted Environment. // Proc. Of the 1st EuroSys Workshop on Virtualization Technology for Dependable Systems. 2009. Pp. 1-6.

31. Qubes Architecture Specification. Version 0.3. 2010. [PDF] http://qubes-os.org/files/doc/arch-spec-0.3.pdf