Lightweight Virtual Machine Manager and Security Applications
|School||Huazhong University of Science and Technology|
|Course||Applied Computer Technology|
|Keywords||Lightweight Virtual Machine Manager Hardware-assisted virtualization Shadow page table Security applications|
The emergence of virtualization technology has brought changes in the structure of a computer system , but also for traditional security issues of the new solution. Traditional Virtual Machine Manager can simultaneously provide multiple execution environment , and to ensure mutual isolation, therefore the application of different security levels can segment customers into different operating systems . Same time as the Virtual Machine Manager privilege level of the upgrade, security components can be deployed to a virtual machine manager , by means other than a virtual machine inside a virtual machine monitor events . However, the traditional virtualization technology applied to client will encounter significant problems. Virtualization technology to bring the performance overhead, especially full virtualization technology will result in at least 20% performance degradation , will result in decreased client user experience , even after the use of virtualization can improve security , the user will not necessarily be used. Virtual Machine Manager while its powerful lead to a huge amount of code , so there is a lot of its own security vulnerabilities . Lightweight Virtual Machine Manager is used to solve the above problems . Lightweight Virtual Machine Manager uses hardware-assisted virtualization technology only for a single operating system and does not provide device drivers do not have the capabilities to create other virtual machines , so the amount of code than traditional Virtual Machine Manager will be greatly reduced, demand while providing implants , on-demand capabilities to maximize exit protect the user experience. Meanwhile, Lightweight Virtual Machine Manager also has a higher privilege level of the operating system kernel and the integration of the shadow page table technology, therefore, according to the characteristics of hardware virtualization technology can transparently within the operating system event monitoring. Depending on the security needs of different events monitored in order to achieve both provide security and ensure that the purpose of the user experience . Finally , in order to verify the Lightweight Virtual Machine Manager effectiveness , combined with the common security applications under Linux Lightweight Virtual Machine Manager is used to detect kernel-level attacks and killing ; under Windows , even if the operating system has been by the kernel level keyloggers attacks, lightweight virtual Machine Manager can still be used to ensure that the keyboard is not being monitored.