Stefan, From: Stefan Hajnoczi <[email protected]> Subject: Re: EuroSec'11 Presentation Date: Mon, 11 Apr 2011 09:51:42 +0100
> On Sun, Apr 10, 2011 at 4:19 PM, Kuniyasu Suzaki <[email protected]> wrote: > > > > From: Avi Kivity <[email protected]> > > Subject: Re: EuroSec'11 Presentation > > Date: Sun, 10 Apr 2011 17:49:52 +0300 > > > >> On 04/10/2011 05:23 PM, Kuniyasu Suzaki wrote: > >> > Dear, > >> > > >> > I made a presentation about memory disclosure attack on SKM (Kernel > >> > Samepage Merging) with KVM at EuroSec 2011. > >> > The titile is "Memory Deduplication as a Threat to the Guest OS". > >> > http://www.iseclab.org/eurosec-2011/program.html > >> > > >> > The slide is downloadbale. > >> > > >> > http://www.slideshare.net/suzaki/eurosec2011-slide-memory-deduplication > >> > The paper will be downloadble form ACM Digital Library. > >> > > >> > Please tell me, if you have comments. Thank you. > >> > >> Very interesting presentation. It seems every time you share something, > >> it become a target for attacks. > > > > I'm happy to hear your comments. > > The referee's comment was severe. It said there was not brand-new > > point, but there are real attack experiences. My paper was just > > evaluated the detction on apahce2 and sshd on Linux Guest OS and > > Firefox and IE6 on Windows Guest OS. > > If I have a VM on the same physical host as someone else I may be able > to determine which programs and specific versions they are currently > running. > > Is there some creative attack using this technique that I'm missing? > I don't see many serious threats. The memory disclosure attack assumed to be applied on Cloud Computing which offers multi tenants. Even if a application has a vulnerablity, attacker can find and attack it. As I show my slides, IE6 is an exmaple. The situation resembles to Cross VM Side Channel Attack mentioned in CCS10 paper "Hey, you, get off of my cloud". ---- Kuniyasu Suzaki -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
