Detecting Hypervisor Attacks: NIST Releases Draft Report
By CHIPS Magazine - September 21, 2018
Hardware/server virtualization is a fundamental component in the infrastructure of data centers used for cloud computing services and enterprise computing. Yet, the increasing popularity of cloud services and the complex nature of hypervisors, which are essentially large software modules, have led to malicious attackers exploiting hypervisor vulnerabilities to attack cloud services, NIST reported in a release. One of the core strategies for mitigating the vulnerabilities of a hypervisor involves formulating a methodology for determining the forensic data requirements for detecting attacks.

To better understand developments in hypervisor attacks and prevent future exploitation, NIST is releasing Draft NIST Internal Report (NISTIR) 8221, A Methodology for Determining Forensic Data Requirements for Detecting Hypervisor Attacks. This report analyzes recent vulnerabilities associated with two open-source hypervisors, Xen and KVM, as reported by the NIST National Vulnerability Database.

The draft develops a profile of hypervisor vulnerabilities in terms of 10 functionalities traditionally provided by hypervisors and classified by attack type and attack source. The objective is to determine the forensic data that can be used to detect and reconstruct those attacks and subsequently to identify the techniques required to gather missing evidence. The methodology outlined in the document can assist cloud providers in enhancing the security of their virtualized infrastructure and in taking proactive steps toward preventing such attacks on their operating environment in the future, NIST said.

A public comment period for this draft document is open until Oct. 12, 2018. See the document details for additional information and a copy of the publication.

CHIPS is an official U.S. Navy website sponsored by the Department of the Navy (DON) Chief Information Officer, the Department of Defense Enterprise Software Initiative (ESI) and the DON's ESI Software Product Manager Team at Space and Naval Warfare Systems Center Pacific.

Online ISSN 2154-1779; Print ISSN 1047-9988