Title | All Your VMs Are Disconnected: Attacking Hardware Virtualized Network |
Publication Type | Conference Paper |
Year of Publication | 2017 |
Authors | Zhou, Zhe, Li, Zhou, Zhang, Kehuan |
Conference Name | Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy |
Publisher | ACM |
Conference Location | New York, NY, USA |
ISBN Number | 978-1-4503-4523-1 |
Keywords | composability, Human Behavior, Metrics, oam, privacy, pubcrawl, resilience, Resiliency, sriov, virtualization, virtualization privacy |
Abstract | Single Root I/O Virtualization (SRIOV) allows one physical device to be used by multiple virtual machines simultaneously without mediation by the hypervisor. This technique significantly decreases the overhead of I/O virtualization, but, according to our latest findings, it also introduces a high-risk security issue: an adversary-controlled VM can cut off the connectivity of the host machine, because SRIOV devices provide only limited packet-filtering capabilities. As a showcase, we demonstrate two attacks against SRIOV NICs by exploiting a vulnerability in the standard network management protocol, OAM. The vulnerability arises because SRIOV NICs treat OAM packets as data-plane packets and therefore allow untrusted VMs to send and receive these packets on behalf of the host. By examining several off-the-shelf SRIOV NICs and switches, we show that such an attack can easily turn off the network connection within a short period of time. Finally, we propose a defense mechanism that runs on existing hardware and can be readily deployed. |
URL | http://doi.acm.org/10.1145/3029806.3029810 |
DOI | 10.1145/3029806.3029810 |
Citation Key | zhou_all_2017 |
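The abstract's point is that an SR-IOV NIC forwards link-management frames from a virtual function (VF) as if they were ordinary data, so a guest can speak the management protocol to the switch on the host's behalf. The following is an added example, not code from the paper or its authors, and it is not the defense mechanism the abstract announces. It assumes that "OAM" in the abstract is IEEE 802.3ah link OAM, which is carried in Slow Protocols frames (EtherType 0x8809, destination MAC 01:80:C2:00:00:02, subtype 0x03), and it shows the classification a VF-boundary filter would need: parse the frame header, recognise slow-protocol subtypes and decode the OAM PDU flags and code, and return a drop verdict for any such frame crossing a VF. The sample frames are constructed inline; the VF MAC addresses and the `vf_filter_verdict` hook are hypothetical.

```python
"""Classify Ethernet frames crossing an SR-IOV VF boundary and drop link-management
(IEEE 802.3 Slow Protocols / 802.3ah OAM) frames that a guest should never originate
or receive on the host's behalf. Added example; constants follow the IEEE 802.3 spec,
the filter hook itself is hypothetical."""
import struct

SLOW_PROTOCOLS_ETHERTYPE = 0x8809                       # IEEE 802.3 Annex 57A
SLOW_PROTOCOLS_MAC = bytes.fromhex("0180c2000002")      # link-local, not forwarded by bridges
SUBTYPE_LACP = 0x01
SUBTYPE_OAM = 0x03                                      # 802.3ah link OAM

# OAMPDU code field (one byte after the 16-bit flags field)
OAM_CODE_NAMES = {
    0x00: "Information", 0x01: "Event Notification", 0x02: "Variable Request",
    0x03: "Variable Response", 0x04: "Loopback Control", 0xFE: "Organization Specific",
}
# OAMPDU flags field, bit positions (LSB first)
OAM_FLAG_NAMES = {
    0: "Link Fault", 1: "Dying Gasp", 2: "Critical Event", 3: "Local Evaluating",
    4: "Local Stable", 5: "Remote Evaluating", 6: "Remote Stable",
}


def parse_frame(frame: bytes) -> dict:
    """Parse the Ethernet header and, for Slow Protocols frames, the subtype and OAMPDU header."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    dst, src = frame[:6], frame[6:12]
    ethertype = struct.unpack("!H", frame[12:14])[0]
    info = {"dst": dst, "src": src, "ethertype": ethertype, "slow_subtype": None, "oam": None}
    if ethertype == SLOW_PROTOCOLS_ETHERTYPE and len(frame) >= 15:
        subtype = frame[14]
        info["slow_subtype"] = subtype
        if subtype == SUBTYPE_OAM and len(frame) >= 18:
            flags = struct.unpack("!H", frame[15:17])[0]
            code = frame[17]
            info["oam"] = {
                "flags": flags,
                "flag_names": [name for bit, name in OAM_FLAG_NAMES.items() if (flags >> bit) & 1],
                "code": code,
                "code_name": OAM_CODE_NAMES.get(code, "Reserved"),
            }
    return info


def vf_filter_verdict(frame: bytes) -> tuple:
    """Hypothetical VF-boundary policy: only the physical function (host) may exchange
    link-management frames with the switch, so every slow-protocol frame on a VF is dropped.
    Returns (verdict, reason)."""
    try:
        info = parse_frame(frame)
    except ValueError as exc:
        return "DROP", str(exc)
    if info["ethertype"] == SLOW_PROTOCOLS_ETHERTYPE:
        if info["oam"] is not None:
            oam = info["oam"]
            return "DROP", f"802.3ah OAMPDU {oam['code_name']} flags={oam['flag_names']} on VF"
        return "DROP", f"slow-protocol subtype 0x{info['slow_subtype']:02x} on VF"
    if info["dst"] == SLOW_PROTOCOLS_MAC:
        return "DROP", "frame addressed to the Slow Protocols multicast MAC on VF"
    return "PASS", ""


# ---- constructed sample frames (not captured traffic) ----
VF_MAC = bytes.fromhex("525400123456")          # hypothetical guest VF MAC
PEER_MAC = bytes.fromhex("001122334455")        # hypothetical unicast peer


def build_oampdu(src: bytes, flags: int, code: int, data: bytes = b"") -> bytes:
    """Build a minimal OAMPDU: slow-protocols header, subtype 0x03, flags, code, data."""
    return (SLOW_PROTOCOLS_MAC + src + struct.pack("!H", SLOW_PROTOCOLS_ETHERTYPE)
            + bytes([SUBTYPE_OAM]) + struct.pack("!H", flags) + bytes([code]) + data)


# Information OAMPDU with Local Stable | Remote Stable (bits 4 and 6 -> 0x0050)
OAM_INFO_FRAME = build_oampdu(VF_MAC, 0x0050, 0x00, b"\x00" * 16)
# Information OAMPDU signalling Link Fault (bit 0)
OAM_LINK_FAULT_FRAME = build_oampdu(VF_MAC, 0x0001, 0x00)
# LACP frame: same EtherType and multicast MAC, subtype 0x01, version 0x01
LACP_FRAME = (SLOW_PROTOCOLS_MAC + VF_MAC + struct.pack("!H", SLOW_PROTOCOLS_ETHERTYPE)
              + bytes([SUBTYPE_LACP, 0x01]))
# Ordinary IPv4 data frame from the same VF, which the filter must let through
IPV4_FRAME = PEER_MAC + VF_MAC + struct.pack("!H", 0x0800) + b"\x45\x00" + b"\x00" * 18


if __name__ == "__main__":
    for name, frame in [("oam-info", OAM_INFO_FRAME), ("oam-link-fault", OAM_LINK_FAULT_FRAME),
                        ("lacp", LACP_FRAME), ("ipv4", IPV4_FRAME)]:
        print(f"{name:15s} -> {vf_filter_verdict(frame)}")
```

The policy is deliberately coarse: a guest has no legitimate reason to emit LACP, marker or OAM PDUs through a VF, so the filter keys on EtherType 0x8809 and the link-local multicast address rather than on individual OAM codes. Whether a given NIC can enforce such a rule per VF is exactly the "limited filtering capabilities" the abstract refers to, so on real hardware this check may have to live in the switch or in firmware rather than in the VF datapath.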