| In the60s of last century,the United States academics began budding research ofcomputer virtual technology.Christopher Strachey’s "Time sharing in large fastcomputers" paper at the International Conference on Information Processing in June1959is considered to be the earliest exposition of virtualization technology.In1965,IBM proposed virtual machine technology, through something called VMM (VirtualMachine Monitor) technology to generate a lot of virtual machine instances which canrun independently of the operating system software on the physical hardware.In recent years,virtualization and cloud computing concept is getting more andmore hotter, the virtualization software market becomes dramatically warmer at thesame time. However,virtualization technology not only bring us convenience, but alsobrings new security issues.Because multiple virtual machines are running on the samephysical virtualization platform, sharing such as CPU,memory, hard drives and otherphysical resources between them, so an attacker can take advantage of these sharedphysical resources to build a covert channel to steal information from other virtualmachines. The main points of this paper are as follows:1.This paper introduces virtualization technologies briefly and the architecture ofXen virtual machine in detailed.2.Expands research on virtualization security issues,next describes the cross-virtualmachine security issues,also studies the traditional covert channel attacks,followed in-depth studies the inter-virtual machine covert channel attacks basedon CPU load.3.Proposes my own defense ideas for the covert channel attacks based on CPUload to achieve the steps to build and set-up cross-virtual machine covertchannel. Finally it turns to be correct of the proposed assuming the validity of thedefense through experiment. |
PDF Full Text Request