Two researchers from North Carolina State University have been examining a range of techniques and software tactics that might be able to fend off malware that enters the system and hypervisor. Such malware could affect the systems of other users, which is part of what makes the threat of an attack of this kind particularly troublesome to those who are considering moving some or all of their operation into the cloud. The researchers have developed a new piece of software called HyperSafe that uses the existing hardware infrastructure to ward off hypervisor attack by isolating it using “non-bypassable memory lockdown” and another tactice called “restricted pointer indexing” that provides a profile of typical hypervisor behavior and does not allow for dramatic deviations without administrator approval. The research was funded by the U.S. Army Research Office and the NSF–it will be presented at the IEEE Symposium in Oakland in May.
New Research Spawns Hypervisor Protection Software
April 27, 2010