Duy Le, Hai Huang, et al.
FAST 2012
Memory deduplication has been widely used in various commodity hypervisors. By merging identical memory contents, it allows more virtual machines to run concurrently on top of a hypervisor. However, while this technique improves memory efficiency, it has a large impact on system security. In particular, memory deduplication is usually implemented using a variant of copy-on-write techniques, for which, writing to a shared page would incur a longer access time than those non-shared. In this paper, we investigate the security implication of memory deduplication from the perspectives of both attackers and defenders. On one hand, using the artifact above, we demonstrate two new attacks to create a covert channel and detect virtualization, respectively. On the other hand, we also show that memory deduplication can be leveraged to safeguard Linux kernel integrity. © 2013 IEEE.
Duy Le, Hai Huang, et al.
FAST 2012
Dan Williams, Eslam Elnikety, et al.
HotCloud 2011
Hai Huang, Kang G. Shin
MSST 2007
Kyung-Hwa Kim, Hai Huang, et al.
IC2E 2013