基于操作系统多样性的虚拟机安全部署策略

doi:10.11959/j.issn.2096-109x.2017.00201

网络与信息安全学报 ›› 2017, Vol. 3 ›› Issue (10): 35-43.doi: 10.11959/j.issn.2096-109x.2017.00201

基于操作系统多样性的虚拟机安全部署策略

张淼(),季新生,艾健健,刘文彦,扈红超,霍树民

国家数字交换系统工程技术研究中心，河南郑州 450002

修回日期:2017-09-01 出版日期:2017-10-01 发布日期:2017-11-13
作者简介:张淼（1994-），男，湖北孝感人，国家数字交换系统工程技术研究中心硕士生，主要研究方向为网络安全防御。|季新生（1968-），男，江苏南通人，国家数字交换系统工程技术中心教授、博士生导师，主要研究方向为网络空间安全、拟态安全。|艾健健（1989-），男，山东广饶人，国家数字交换系统工程技术研究中心博士生，主要研究方向为网络安全、软件定义网络。|刘文彦（1986-），男，河南鹿邑人，博士，国家数字交换系统工程技术研究中心助理研究员，主要研究方向为网络空间防御和云安全。|扈红超（1982-），男，河南商丘人，博士，国家数字交换系统工程技术中心副研究员，主要研究方向为网络空间安全、云数据中心。|霍树民（1985-），山西长治人，博士，国家数字交换系统工程技术研究中心助理研究员，主要研究方向为网络空间安全。
基金资助:
国家自然科学基金青年基金资助项目(61602509);国家自然科学基金创新研究群体基金资助项目(61521003);国家重点研发计划基金资助项目(2016YFB0800100);国家重点研发计划基金资助项目(2016YFB0800101)

Secure deployment strategy of virtual machines based on operating system diversity

Miao ZHANG(),Xin-sheng JI,Jian-jian AI,Wen-yan LIU,Hong-chao HU,Shu-min HUO

National Digital Switching Engineering ＆Technological R＆D Center,Zhengzhou 450002,China

Revised:2017-09-01 Online:2017-10-01 Published:2017-11-13
Supported by:
The National Science Foundation for Distinguished Young Scholars of China(61602509);The National Key R＆D Program of China(2016YFB0800100);The National Key R＆D Program of China(2016YFB0800101)

摘要/Abstract

摘要：

云计算的资源共享模式，在极大提高资源利用率的同时，也带来了诸多安全问题，如虚拟机间的共存攻击。特别是当用户使用单一的操作系统时，攻击者可以在较小的开销下，攻破用户的全部虚拟机，从而窃取隐私和数据。针对这一安全威胁，利用不同操作系统漏洞存在差异的特点，提出一种基于操作系统多样性的虚拟机安全部署策略。该方法首先为申请虚拟机的用户推荐一种多样性程度最高的操作系统配置选择；然后通过一种安全的部署策略，最大化地发挥多样性的特点，使攻击者需要付出更大的开销。实验结果表明，与单一操作系统配置的方法相比，该方法至少可以降低33.46%的攻击效益。

关键词: 虚拟机, 共存攻击, 操作系统, 多样性, 云安全

Abstract:

The resource-sharing model for cloud computing raises many security issues,such as co-resident of virtual machines,while greatly improving resource utilization.In particular,when a user adopts a single operating system,an attacker can steal privacy and data by compromising the user's entire virtual machine at a smaller cost.In view of this security threat,a strategy for the security deployment of virtual machine based on operating system diversity was presented.This method firstly recommended an operating system configuration options for users applying for virtual machines with the highest degree in diversity,and then through the secure deployment strategy,maximized the effect of diversity,thus making the attacker pay more cost.The experimental results show that compared with the method of single operating system,this method can reduce the attack efficiency by 33.46% at least.

Key words: virtual machine, co-resident attack, operating system, diversity, cloud security

中图分类号:

TP302

张淼,季新生,艾健健,刘文彦,扈红超,霍树民. 基于操作系统多样性的虚拟机安全部署策略[J]. 网络与信息安全学报, 2017, 3(10): 35-43.

Miao ZHANG,Xin-sheng JI,Jian-jian AI,Wen-yan LIU,Hong-chao HU,Shu-min HUO. Secure deployment strategy of virtual machines based on operating system diversity[J]. Chinese Journal of Network and Information Security, 2017, 3(10): 35-43.

图/表 5

表1

表2

图1

图2

图3

参考文献 18

[1]	RISTENPART T , TROMER E , SHACHAM H ,et al. Hey,you,get off of my cloud:exploring information leakage in third-party compute clouds[C]// ACM Conference on Computer and Communications Security. 2009.
[2]	APECECHEA G I , INCI M S , EISENBARTH T ,et al. Fine grain cross-VM attacks on Xen and VMware are possible![J]. Ecewp.ece.wpi.edu, 2014
[3]	OSVIK D A , SHAMIR A , TROMER E . Cache attacks and countermeasures:the case of AES[J]. Lecture Notes in Computer Science, 2006,(2005): 1-20.
[4]	YAROM Y , FALKNER K . FLUSH+RELOAD:a high resolution,low noise,L3 cache side-channel attack[C]// Usenix Conference on Security Symposium. 2014: 719-732.
[5]	ZHANG Y , REITER M K . Düppel:retrofitting commodity operating systems to mitigate cache side channels in the cloud[C]// ACM Sigsac Conference on Computer ＆ Communications Security. 2013.
[6]	WANG Z , LEE R B . A novel cache architecture with enhanced performance and security[C]// IEEE/ACM International Symposium on Microarchitecture. 2008.
[7]	MOON S J , SEKAR V , REITER M K . Nomad:mitigating arbitrary cloud side channels via provider-assisted migration[C]// The 22nd ACM SIGSAC Conference on Computer and Communications Security. 2015: 1595-1606.
[8]	AVIZIENIS A , CHEN L . On the implementation of N-version programming for software fault tolerance during program execution[J]. Proc of the Compsac, 1977,6(1): 25-37.
[9]	FORREST S , SOMAYAJI A , ACKLEY D . Building diverse computer systems[C]// The Workshop on Hot Topics in Operating Systems. 1997: 67-72.
[10]	HOFMEYR S A , FORREST S . Architecture for an artificial immune system[J]. Evolutionary Computation, 2000,8(4): 443-473.
[11]	GASHI I , POPOV P , STRIGINI L . Fault tolerance via diversity for off-the-shelf products:a study with SQL database servers[J]. IEEE Transactions on Dependable and Secure Computing, 2007,4(4): 280-294.
[12]	NEWELL A , OBENSHAIN D , TANTILLO T ,et al. Increasing network resiliency by optimally assigning diverse variants to routing nodes[C]// IEEE/IFIP International Conference on Dependable Systems and Networks. 2013.
[13]	GARCIA M , BESSANI A , GASHI I ,et al. Analysis of operating system diversity for intrusion tolerance[J]. Software-practice ＆Experience, 2014,44(6): 735-770.
[14]	BATES A , MOOD B , PLETCHER J ,et al. Detecting co-residency with active traffic analysis techniques[C]// The 2012 ACM Workshop on Cloud Computing Security Workshop. 2012
[15]	ZHANG Y , JUELS A , OPREA A ,et al. HomeAlone:co-residency detection in the cloud via side-channel analysis[C]// IEEE Symposium on Security and Privacy. 2011.
[16]	ZHANG Y , JUELS A , REITER M K ,et al. Cross-VM side channels and their use to extract private keys[C]// ACM Conference on Computer and Communications Security. 2012
[17]	LEINSTER T , COBBOLD C A . Measuring diversity:the importance of species similarity[J]. Ecology, 2012,93(3):477.
[18]	HAN Y , CHAN J , ALPCAN T ,et al. Using virtual machine allocation policies to defend against co-resident attacks in cloud computing[J]. IEEE Transactions on Dependable ＆ Secure Computing, 2017,14(1): 95-108.

OS	OS共同漏洞
OS	Windows 7	Windows 8	Windows 10	Ubuntu	Fedora	OS X
Windows 7	374	142	219	0	0	0
Windows 8	142	154	55	0	0	0
Windows 10	219	55	316	0	0	0
Ubuntu	0	0	0	583	58	31
Fedora	0	0	0	58	306	2
OS X	0	0	0	31	2	841

实验	操作系统
实验	Windows 7	Windows 8	Windows 10	Ubuntu	Fedora	OS X	多样性度量
1	1	5	4	—	—	—	1.573 1
2	—	—	—	3	3	4	2.653 4
3	4	—	—	—	3	3	2.963 1
4	—	4	—	—	3	3	2.963 1
5	1	3	2	4	—	—	2.546 2
6	3	—	—	2	2	3	3.629 5
7	2	2	—	3	—	3	3.141 5
8	2	2	—	—	3	3	3.217 0

基于操作系统多样性的虚拟机安全部署策略

Secure deployment strategy of virtual machines based on operating system diversity

在线阅读

pdf下载

可视化

被引次数

摘要/Abstract

引用本文

使用本文

图/表 5

参考文献 18

相关文章 14

Metrics

推荐阅读 0

[1]	谢根琳, 程国振, 王亚文, 王庆丰. 基于gadget特征分析的软件多样性评估方法[J]. 网络与信息安全学报, 2023, 9(3): 161-173.
[2]	王子驰, 冯国瑞, 张新鹏. NFT图像隐写[J]. 网络与信息安全学报, 2022, 8(3): 18-28.
[3]	曾威, 扈红超, 李凌书, 霍树民. 容器云中基于Stackelberg博弈的动态异构调度方法[J]. 网络与信息安全学报, 2021, 7(3): 95-104.
[4]	熊小兵,舒辉,康绯. 基于融合编译的软件多样化保护方法[J]. 网络与信息安全学报, 2020, 6(6): 13-24.
[5]	谭晶磊, 张红旗, 雷程, 刘小虎, 王硕. 面向SDN的移动目标防御技术研究进展[J]. 网络与信息安全学报, 2018, 4(7): 1-12.
[6]	潘雁,林伟. 增强型虚拟寄存器轮转算法[J]. 网络与信息安全学报, 2018, 4(5): 47-54.
[7]	王伟, 陈兴蜀, 兰晓, 金鑫. 基于VMI的虚拟机远程证明方案[J]. 网络与信息安全学报, 2018, 4(12): 32-43.
[8]	张建标,朱元曦,胡俊,王晓. 面向云环境的虚拟机可信迁移方案[J]. 网络与信息安全学报, 2018, 4(1): 6-14.
[9]	赵硕,季新生,程国振,毛宇星. 面向多租户的关键虚拟机动态迁移方法研究[J]. 网络与信息安全学报, 2017, 3(8): 8-17.
[10]	施江勇,杨岳湘,李文华,王森. 基于SDN的云安全应用研究综述[J]. 网络与信息安全学报, 2017, 3(5): 10-25.
[11]	王锴,李志华,黄凡,严飞. HyperSpector：基于UEFI的VMM动态可信监控基的设计与实现[J]. 网络与信息安全学报, 2016, 2(12): 47-55.
[12]	徐鹏,金海. 可搜索加密的研究进展[J]. 网络与信息安全学报, 2016, 2(10): 8-16.
[13]	刘宇涛,陈海波. 虚拟化安全：机遇，挑战与未来[J]. 网络与信息安全学报, 2016, 2(10): 17-28.
[14]	代炜琦,邹德清,金海,夏妍. 云环境面向虚拟域的安全状态一致性保障机制研究[J]. 网络与信息安全学报, 2016, 2(10): 48-57.