[talks] Diego Perez Botero MSE thesis talk

Melissa M. Lawson mml at CS.Princeton.EDU
Fri Apr 26 10:47:20 EDT 2013

Diego Perez Botero will present his MSE thesis talk on Friday May 3 
at 2PM in Room 301 (note room!).  The members of his committee are: 
Ruby Lee (ELE), advisor and Jennifer Rexford, reader.  Everyone is 
invited to attend his talk.  His abstract follows below.

Pwnetizer: Improving Availability in Cloud Computing through Fast Cloning and I/O Randomization

The rise of the Cloud Computing paradigm has led to security concerns amongst its adopters, given that resources are shared and mediated by a Hypervisor which may be targeted by rogue guest Virtual Machines (VMs) and remote attackers. We conducted a thorough analysis of the codebase of two popular open-source Hypervisors, Xen and KVM, followed by an extensive study of the vulnerability reports associated with them. Based on our findings, we propose a practical characterization of Hypervisor vulnerabilities. From this analysis, we see that more than one third of all attacks are due to device emulation and that availability breaches are by far the most common security breaches, considering the cornerstone security properties of Confidentiality, Integrity and Availability.

We developed Pwnetizer, a novel VM cloning strategy, to address these weaknesses of virtualized environments. Pwnetizer facilitates increased availability by rapidly generating clone VMs that can instantly contribute to the overall throughput of a Cloud Customer's applications, as they increase the resources available to it (network bandwidth, CPU and RAM). Previously, VM Cloning research has prioritized the performance of computationally-intensive workloads by enabling the creation of transient clone VMs that depend on a master VM. Meanwhile, the few alternatives able to generate fully-independent stateful VM Clones suffer from considerable downtimes (tens of seconds), which is itself a loss of availability. A KVM-based prototype of our Pwnetizer solution is able to gracefully generate on-demand independent VM Clones with sub-second downtimes.

At minimal additional overhead, our cloning technology also randomizes the device drivers employed by each clone VM. This takes advantage of the variety of device drivers with overlapping functionality supported by commodity Hypervisors. Without having to vet them beforehand, we defend a set of diversified clone VMs against current and future attacks on device drivers with security vulnerabilities. This further improves availability by preventing large-scale VM crashes caused by attacks made possible by device emulation bugs.
