Defeating TCG TOCTOU Attacks in Trusted HVM
Virtualization technologies have been explored to mitigate the vulnerabilities in the current TCG architecture. But only a small number of efforts address the handling of the detected TCG TOCTOU attacks. This paper aims to defeat TCG TOCTOU attacks occurring in Xen hardware virtual machines. We propose an efficient response approach (ERA) in the environment of the Xen virtual machine monitor and the virtual TPM facility shipped with the Xen. ERA has the following features: (1) Effective in defeating the TCG TOCTOU attacks; (2) Impose less overhead on the system during normal execution; and (3) Transparent to guest virtual machines. We describe the ERA implementation in detail and evaluate its ability via experiments.
trusted computing TOCTOU attacks hardware virtual machines kernel rootkit
Xiaolin CHANG Han ZHEN JiQiang LIU Bin XING Jogesh K. MUPPALA
Department of Computer Engineering Beijing JiaoTong University, Beijing, P.R. China Department of Computer Science and Engineering Hong Kong University of Science and Technology, Hong
国际会议
南京
英文
598-602
2010-11-01(万方平台首次上网日期,不代表论文的发表时间)