论文信息 - A covert channel construction in a virtualized environment

A covert channel construction in a virtualized environment

Memory deduplication has been widely used in various commodity hypervisors. However, while this technique improves memory efficiency, it has an impact on system security. In particular, memory deduplication is usually implemented using a variant of copy-on-write techniques, for which, writing to a shared page would incur a longer access time than those non-shared. By exploiting this artifact, we demonstrate a new covert channel can be built in a virtualized environment.

Hai Huang | Zhang Xu | Haining Wang | Jidong Xiao

[1] Matti A. Hiltunen,et al. An exploration of L2 cache covert channels in virtualized environments , 2011, CCSW '11.

[2] Cyrille Artho,et al. Memory deduplication as a threat to the guest OS , 2011, EUROSEC '11.

[3] Cyrille Artho,et al. Software Side Channel Attack on Memory Deduplication , 2011, SOSP 2011.