Description
With the steadily growing rate of virtualization in numerous areas,
security applications increasingly rely on Virtual Machine Introspection
(VMI) to monitor Virtual Machines (VMs) from the outside. VMI-based
applications provide a complete view of the VM state. Within the context
of this thesis, we present the prototype of our hypervisor cr0S, which
is dedicated for the deployment of VMI-based applications. Also, the
framework can be used by students to learn about the development of an
Operating System (OS). Our prototype hypervisor utilizes Intel’s
Virtualization Technology (VT-x) hardware virtualization extensions to
run an OS inside a VM. The cr0S hypervisor can be used to emulate not
yet existent hardware features, such as Intel Sub-Page Protection (SPP).
Our implementation of the hypervisor utilizes structures from Linux.
Also, within the context of virtualization, we present a software-based
solution of Intel SPP to protect memory regions in the VM on a sub-page
granularity.
|
