Fingerprinting Encrypted Virtual Machines Utilizing the Hypervisor Interfaces

Supervisor(s): Florian Jakobsmeier, Mathias Morbitzer
Status: finished
Topic: Others
Author: Maximilian Rickheit
Submission: 2021-12-15
Type of Thesis: Master's thesis
Thesis topic in co-operation with the Fraunhofer Institute for Applied and Integrated Security AISEC, Garching

Description

To protect virtual machines from the underlying hypervisor, AMD introduced the CPU extension SEV, which cryptographically isolates each virtual machine's memory. Other vendors have presented similar CPU extensions. This separation protects sensitive information inside the VM against its hypervisor. Researchers have presented various attacks against SEV-protected virtual machines that aim to execute malicious code or leak sensitive information. Some of these attacks rely on known code offsets inside the virtual machine. However, since the virtual machine's memory is encrypted, determining those code offsets is not trivial.
This thesis presents and implements several fingerprinters to identify the kernel running inside a protected virtual machine. We utilize information collected by the performance monitoring unit (PMU), the instruction-based sampling (IBS) toolkit, the SEVered framework, and the hypervisor interface. With our approach to fingerprinting, we could differentiate between major kernel versions. However, while our work is a step in the right direction, we could not reliably differentiate between minor kernel versions.
Furthermore, we present two security measures that can introduce additional complications for fingerprinting. We discuss how function-granular address randomization could negatively affect the presented fingerprinters, and how PMU measurements for different kernel versions could be aligned to prevent kernel identification.