| Covert channel is one type of information hiding technologies,emphasizing the concealment of the communication itself. But withvirtualization, the scenario of covert channels is becoming wider. Attackers arecapable of using covert channels to bypass defense mechanisms, and to leakinformation between virtual machines. The existence of covert channels threatsthe security of virtualization environment. This paper focused on the covertchannel in the virtualization environment.Firstly, this thesis studied the coincidence between virtual machines, basedon characters of the virtualization environment and the existence condition ofcovert channels. It proposed the necessity that covert channels exist in thevirtualization environment.Secondly, this paper proposed a new type of timing covert channel on Xen,the On/Off covert channel. Such covert channel hides the sensitive informationin the timing characters of I/O ring buffer elements to transfer data. This articleimplemented the prototype system on Xen, and tested its bit rate and error rate through experiments. Results showed that its performance is excellent amongthose timing covert channels on Xen. Besides that, this paper also discusseddefense mechanisms to the On/Off channel.Then this paper introduced another noiseless storage covert channel, thesubpage copy covert channel. Such channel utilizes the standard usage mode ofthe page copy to transfer covert information, hiding sensitive information in thepage offset and/or data length and transferred through XenStore. This paperdiscussed key points and difficulties of using the channel and implemented theprototype system on Xen, and then experimentally measured its transmissionrate. Results showed that the performance of subpage copy covert channel isvery good among those storage covert channels on Xen. Additionally, the thesisdescribed challenges to defend such covert channel, accentuating the importanceof security management. |
PDF Full Text Request