Breaking KASLR Using Memory Deduplication in Virtualized Environments
- Source :
- Electronics, Vol 10, Iss 2174, p 2174 (2021), Electronics, Volume 10, Issue 17
- Publication Year :
- 2021
- Publisher :
- MDPI AG, 2021.
- Abstract :
- Recent operating systems (OSs) have adopted a defense mechanism called kernel page table isolation (KPTI) for protecting the kernel from all attacks that break the kernel address space layout randomization (KASLR) using various side-channel analysis techniques. In this paper, we demonstrate that KASLR can still be broken, even with the latest OSs where KPTI is applied. In particular, we present a novel memory-sharing-based side-channel attack that breaks the KASLR on KPTI-enabled Linux virtual machines. The proposed attack leverages the memory deduplication feature on a hypervisor, which provides a timing channel for inferring secret information regarding the victim. By conducting experiments on KVM and VMware ESXi, we show that the proposed attack can obtain the kernel address within a short amount of time. We also present several countermeasures that can prevent such an attack.
- Subjects :
- Address space layout randomization
TK7800-8360
Computer Networks and Communications
Computer science
Hypervisor
side-channel attack
Hardware and Architecture
Control and Systems Engineering
Virtual machine
Kernel (statistics)
Signal Processing
KASLR
Operating system
Isolation (database systems)
Side channel attack
Electronics
Electrical and Electronic Engineering
Page table
memory deduplication
Communication channel
Details
- ISSN :
- 20799292
- Volume :
- 10
- Database :
- OpenAIRE
- Journal :
- Electronics
- Accession number :
- edsair.doi.dedup.....8c165002d18dfcc3a9974b4a445db31a
- Full Text :
- https://doi.org/10.3390/electronics10172174