Boffins propose 'guaranteed' hypervisor security

U.S. researchers are looking to improve virtualisation by tightening the restrictions around how code is run on a hypervisor.

Using new software, dubbed HyperSafe, the researchers hope to prevent malware from infecting hypervisors, on which virtual machines are run.

HyperSafe involves two security techniques. The first isolates the hypervisor memory range used to run executable code from the rest of the system.

This memory range is marked read-only using the Write Protect bit on the hardware. To introduce new code, the hypervisor administrator would have to sign into the software and physically reboot the entire system.

North Carolina State University computer scientist Xuxian Jiang called the technique "non-bypassable memory lockdown".

"This memory range cannot be changed to include new additional code for execution in hypervisor," Jiang told iTnews. "This prevents attempts to modify existing hypervisor code by external users."

HyperSafe's second technique, called restricted pointer indexing, protects commands, preventing existing hypervisor code from being misused.

The technique involves routing commands in a way that prevents any deviation from a hypervisor's normal behaviour, Jiang explained.

In research (pdf) that will be presented at the IEEE Symposium On Security And Privacy next Monday, Jiang and his PhD student Zhi Wang tested HyperSafe on two open source Type-I hypervisors.

They implemented a proof-of-concept prototype of HyperSafe on BitVisor and Xen, concluding that it is a "lightweight hypervisor protection mechanism that incurs less than five percent performance overhead".

The researchers said the software could be adapted for other Type-I hypervisors, such as VMware ESX and Microsoft Hyper-V, and hoped it would increase public confidence in the cloud.

"Currently, we just blindly trust the security of the hypervisor," Jiang told iTnews. "The HyperSafe software aims to change that with a guaranteed integrity of the hypervisor software."

The researchers currently have no plans for commercialising the technique; however, Jiang said they are "open for any possibilities, including a close collaboration with key players in the virtualisation market to better secure the hypervisor software."