Research paper available below:
Practicum - research paper:
Monday, November 22, 2010
Wednesday, September 15, 2010
Tuesday, August 17, 2010
Tests against each Experiment
Within each experiment there are 5 tests which are run...
Test 1 - Geekbench - performs a number of general performance measurements against a system.
Test 2a - Ramspeed test - performs 4 operations: Copy (A=B), Scale (A=B*m), Add (A=B+C) and Triad (A=B+C*m), using INT
Test 2b - Ramspeed test - performs 4 operations: Copy (A=B), Scale (A=B*m), Add (A=B+C) and Triad (A=B+C*m), using FP
Test 3 - systester - 5 runs are made calculating a 512K Pi value; these runs are totaled and timed - CPU-based test
Test 4a - Disk subsystem - performs 10 random 32 MB reads against the disk, noting performance information
Test 4b - Disk subsystem - performs 10 random 32 MB writes against the disk
Test 5a - Network connectivity to the network gateway - physical device on the network
Test 5b - Network connectivity to the host - via virtual networking
Test 5c - Network connectivity to another VM within the same host
Test 6a - Forkbomb executed on 1 VM within host
Test 6b - Forkbomb executed on 2 VMs within host
Test 6c - Forkbomb executed on 3 VMs within host
All tests are carried out from a Linux VM within the host. Also 2 control experiments... 1 from within a VM with no hostile events taking place...
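Added example (not the author's test scripts): one way to turn the Test 5a/5b/5c ping output into an isolation measure by comparing the control run with a run taken while a hostile event is in progress. The ping summaries are constructed sample data in Linux iputils format, and the function and target names are assumptions.

```python
import re

# Summary lines as printed by Linux iputils ping.
SUMMARY = re.compile(r"(\d+) packets transmitted, (\d+) received")
RTT = re.compile(r"rtt min/avg/max/mdev = [\d.]+/([\d.]+)/[\d.]+/[\d.]+ ms")

def parse_ping(output):
    """Return packet loss (%) and average RTT (ms) from one ping run."""
    s = SUMMARY.search(output)
    if s is None or int(s.group(1)) == 0:
        raise ValueError("no usable ping summary")
    sent, received = int(s.group(1)), int(s.group(2))
    r = RTT.search(output)  # the rtt line is absent when no reply came back
    return {"loss_pct": 100.0 * (sent - received) / sent,
            "avg_ms": float(r.group(1)) if r else None}

def isolation_report(control, experiment):
    """Per target: RTT slowdown factor and added packet loss vs. the control run."""
    report = {}
    for target, ctrl_out in control.items():
        c, e = parse_ping(ctrl_out), parse_ping(experiment[target])
        if c["avg_ms"] and e["avg_ms"] is not None:
            slowdown = round(e["avg_ms"] / c["avg_ms"], 2)
        else:
            slowdown = None  # target unreachable in one of the two runs
        report[target] = {"rtt_slowdown": slowdown,
                          "loss_delta_pct": round(e["loss_pct"] - c["loss_pct"], 1)}
    return report

# Constructed sample output (not measurements from the practicum).
OK = "10 packets transmitted, 10 received, 0% packet loss, time 9013ms\n"
CONTROL = {
    "gateway": OK + "rtt min/avg/max/mdev = 0.410/0.500/0.620/0.060 ms",
    "host": OK + "rtt min/avg/max/mdev = 0.150/0.200/0.300/0.040 ms",
    "sibling_vm": OK + "rtt min/avg/max/mdev = 0.200/0.250/0.400/0.050 ms",
}
EXPERIMENT = {
    "gateway": "10 packets transmitted, 8 received, 20% packet loss, time 9100ms\n"
               "rtt min/avg/max/mdev = 0.900/1.500/3.100/0.700 ms",
    "host": OK + "rtt min/avg/max/mdev = 0.210/0.300/0.480/0.090 ms",
    "sibling_vm": "10 packets transmitted, 0 received, 100% packet loss, time 9200ms",
}

if __name__ == "__main__":
    for target, result in isolation_report(CONTROL, EXPERIMENT).items():
        print(target, result)
```

A slowdown factor near 1.0 with no added loss on all three targets indicates the measuring VM was isolated from the event; `None` marks a target that stopped answering.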
I've finally revised all my test scripts,
with 2 separate tests for CPU/Memory/DiskIO/NetworkIO
I've completed testing on Virtualbox & Workstation
fully configured XEN and ESXi & Hyper-V
Hypervisors & Experiments
Hypervisor 1 - VirtualBox running on Windows 7 64bit - (SATA disk 1)
Hypervisor 2 - Workstation running on Windows 7 64bit - (SATA disk 1)
Hypervisor 3 - Hyper-V within Win2008 R2 - (SATA disk 1)
Hypervisor 4 - XenServer - (SATA disk 2)
Hypervisor 5 - ESXi - (SATA disk 3)
Experiment 1 - Crashme - sending nonsensical data to a VM (WinXP, least secure) with the intent of causing a full crash of the VM itself; if not a full crash, the vCPU will have to deal with nonsensical instructions.
Experiment 2 - Fuzz testing - sending random messages via specific programs, causing CPU and memory overloading of a VM. This can cause some applications to crash; however, my intent is not to test fuzzing itself but to see its effect on other VMs within the same host.
Experiment 3 - Fork bombs - initializing a fork bomb (causing a process to create unlimited child processes) can overload the memory within a VM, causing it to become unstable or actually hang/crash. Divided into 3 sub-experiments in which 3 out of 4 running VMs are hit with fork bombs.
Experiment 4 - DoS attack - using 2 zombie machines (not located on the host) to attack a target VM within the hosted environment with a TCP SYN storm. This server should become unstable, let alone the flooding of the virtual network cards / physical network card.
Hypervisors dropped:
Parallels running on Windows 7 64bit (Type 2 Hypervisor)
Reason: Unable to run experiment 4 on target VM
Issue: Parallels only uses NAT for virtual networking from virtual machines via the host NIC through to the physical network; therefore the VM's IP address is a private IP inside the host on the virtual switch.
In order for Experiment 4 to work, bridged networking must be in place, in which, using dynamic IPs via a DHCP service or static IPs, each VM has its own MAC and IP address visible through the physical NIC on the physical network.
KVM running on Ubuntu 10.4
Reason: Same as above, unable to configure virtual switch for bridging and also unable to grab/ungrab the VM's desktop for MS machines using the AQEMU management console within KVM.
As a result of both problems I was unable to test or even configure all test VMs on this platform due to AQEMU freezing up.
Thursday, August 12, 2010
Papers I've read on virtualization and security
http://advosys.ca/viewpoints/2007/09/cis-virtualization-security-guide/
http://soda.swedish-ict.se/3800/1/T2009_14A.pdf - excellent paper from the Swedish Institute of Computer Science on virtualization
Formal requirements of Virtual Architectures - http://www-users.itlabs.umn.edu/classes/Fall-2009/csci8980-virtual/papers/popek-virt-reqmts.pdf
http://www.itm.iit.edu/netsecure10/Suva-Broda-Fortel-IsVirtualizationPuttingYouAtRisk-IITNetsecure10.pdf - Presentation on Virtualization Security Risks
http://studies.ac.upc.edu/doctorat/ENGRAP/Miquel.pdf - Overhead of virtual networking on a host system
http://www.kernel.org/doc/ols/2007/ols2007v1-pages-225-230.pdf - excellent paper detailing the KVM - Hypervisor
Testing Platform
Full testing platforms to be tested are as follows:
All these tests will take place on a Quad Core 2.4GHz Intel processor with Intel VT, a host containing 3GB of RAM and a single 7.2krpm SATA HDD. (SATA HDD swapped out for additional hypervisors)
By choosing a single platform, all hypervisor tests are now comparable as they are all running on a single platform.
3 OSes installed on the system to allow for multiboot functionality:
1. Windows 7 - 64bit - used for testing Virtualbox/Workstation/Parallels hosted hypervisors
2. Windows 2008 Server 64bit - installed with Hyper-V hypervisor
3. Ubuntu 10.4 64bit - installed with the Linux KVM hypervisor
I had use of a Dell PowerEdge 2950 server with Dual-Core 2.4GHz processor, 4GB of RAM, PERC 5i RAID controller and 6 136GB 10krpm SAS drives.
3 logical RAID 1 disks were presented at hardware-level RAID; however, it was not possible to install a multiboot environment consisting of the following:
- Disk1: Windows2008 server (BCD bootloader)
- Disk2: Citrix XenServer (extlinux bootloader)
- Disk3: VMWare ESXi (syslinux bootloader)
All 3 systems use completely different bootloaders. I tried installing OSes in different orders on different disks, I even partitioned the Win2008 disk with Ubuntu to introduce the GRUB bootloader, however it was not possible to allow multiboot to take place over these 3 hypervisors.
Also Win2008 does not allow Workstation installed alongside Hyper-V, therefore this single test platform could not be used without performing a full rebuild of the hypervisor on each occasion for testing.
Up to this point I was testing Virtualbox/Workstation and to a degree Parallels on Windows XP - Dual-Core 2.4GHz laptop with 3GB RAM, and on Windows 7 on the final test platform.
Tests to be run on each experiment
VM Isolation Testing:
Test 1: Geekbench - checks a number of CPU/memory/system performance parameters and presents an overall performance score
Test 2: Ramspeed test - this simple algorithm shows how fast both the cache and memory subsystems are. There are also *mem benchmarks such as INTmem and FLOATmem, which are supposed to illustrate actual read/write memory performance. Each of them includes four subtests called Copy (A=B), Scale (A=B*m), Add (A=B+C) and Triad (A=B+C*m).
Test 3: CPU test - calculate the square root of 32 million numbers
Test 4: I/O testing of disk subsystem - using fio - runs 2 tests: random reads / writes of 10 x 32 MB files to disk, and correlates the results
Test 5: I/O testing of network - 3 ping tests: to the host, to a VM within the same host, and to the gateway on the physical network.
Friday, July 30, 2010
The Experimentation:
I've looked at a number of experiments and ways to implement these experiments within VMs running on hosted / bare-metal hypervisors.
It's then possible to analyze how effective isolation is on the platform by the factors below.
These include the following:
- Crashme: By running this application within a VM it causes a high CPU load within the VM, in some cases causing the VM to crash altogether.
- Fuzz: By sending programs nonsensical messages it can cause a program to act inappropriately, causing the program itself to crash or launch many other programs.
- DoS: Using special tools it's possible to launch a DoS attack against a VM within a host, either within the same vSwitch as other VMs or a separate vSwitch.
- Forkbombs: Forkbombs are a great way to put stress onto the underlying physical RAM within a host
It's been a long summer, a lot of reading and research carried out.
I've read numerous papers on virtualization and security:
The highlights included a paper on "Secure Virtualization & MultiCore Platforms State-of-the-Art Report" by Heradon Douglas & Christian Gehrmann of SICS
I've looked at a number of different hosted and bare-metal hypervisors including:
Virtualbox, Parallels & VMWare Workstation running on Ubuntu/WinXP 32bit/Win7 64bit
Bare-metal hypervisors such as Microsoft's Hyper-V, Citrix XenServer, VMWare ESXi and RedHat's KVM
Thursday, May 20, 2010
New blog setup
I've just set up my blog which will be used to document my Practicum titled:
Study of secure isolation of virtual machines and their exposure to hosts in a virtual environment.