Researchers have developed a software tool that reduces the risk of hackers inserting malware into cloud computing systems.
According to the team from North Carolina State University, the tool is better than existing programs at detecting viruses in the hypervisors that are critical to virtualisation, which is used in many cloud computing systems, and does so without “tipping off” the malware that it is being examined.
The program, developed in tandem with IBM and called HyperSentry, is intended to stave off fears that computing clouds could be vulnerable to attacks across distributed systems.
“The concern is that an attacker could compromise a hypervisor, giving them control of the cloud,” says Peng Ning, professor of computer science at NC State. “If a hypervisor is compromised, the attacker could do almost anything – access users’ sensitive information, use the cloud’s computing resources to attack other internet entities or spread malware.”
Hypervisors are the software that create the virtual workspace that allows various operating systems to run in isolation on the same computer.
“HyperSentry solves two problems,” said Ning. “It measures hypervisor integrity in a stealthy way, and it does so in the context of the hypervisor.
“To effectively identify hypervisor problems you need to look at the hypervisor program memory and the registers in the processors while they are actually running the program.”
The researchers say being able to discretely check hypervisor integrity is important because if a hypervisor has already been compromised and recognised a security check, it could tell the malware to restore the hypervisor to its normal state and then re-infect it.
Disclaimer: Some pages on this site may include an affiliate link. This does not effect our editorial in any way.
