pocket hypervisors: opportunities and challenges

19
D u k e S y s t e m s D u k e S y s t e m s Pocket Hypervisors: Opportunities and Challenges Peter Chen University of Michigan Landon Cox Duke University

Upload: merry

Post on 23-Jan-2016

55 views

Category:

Documents


0 download

DESCRIPTION

Pocket Hypervisors: Opportunities and Challenges. Landon Cox Duke University. Peter Chen University of Michigan. Conventional organization. Process. Process. Process. Operating System. Hypervisor organization. Process. Process. Encapsulation Mediation Isolation. Guest OS. Guest OS. - PowerPoint PPT Presentation

TRANSCRIPT

Page 1: Pocket Hypervisors: Opportunities and Challenges

D u k e S y s t e m s

D u k e S y s t e m s

Pocket Hypervisors:Opportunities and

Challenges

Peter ChenUniversity of Michigan

Landon CoxDuke University

Page 2: Pocket Hypervisors: Opportunities and Challenges

D u k e S y s t e m s

Conventional organization

Operating System

ProcessProcessProcess

Page 3: Pocket Hypervisors: Opportunities and Challenges

D u k e S y s t e m s

Hypervisor

Hypervisor organization

Guest OSGuest OS

Process Process

EncapsulationMediationIsolation

Page 4: Pocket Hypervisors: Opportunities and Challenges

D u k e S y s t e m s

Recent interest in hypervisors

Lots of papers/companies the past five years Xen, VMware, ReVirt, Potemkin, etc.

On mobile devices? Not so much. Some uses of encapsulation (ISR, SoulPad) No uses of mediation or isolation

Why? Hypervisors have been considered impractical Insufficient hardware support Prohibitive performance overhead

Page 5: Pocket Hypervisors: Opportunities and Challenges

D u k e S y s t e m s

Pocket hypervisors are practical and useful.

Security Opportunistic services

Hardware supportPrivilege modes

MMUMoore’s Law

Page 6: Pocket Hypervisors: Opportunities and Challenges

D u k e S y s t e m s

Securing commodity devices

With PC functions come PC problems Mobile malware already exists (Cabir, Skulls) BlueTooth exploits (BlueBug, SNARF)

Poses new kinds of threats Conversation eavesdropping Location privacy compromises Gain access to telecom resources

trifinite.org, bluestumbler.org

Page 7: Pocket Hypervisors: Opportunities and Challenges

D u k e S y s t e m s

OS

Simple example attack: Skulls

Mobile Anti-virus

CameraAddress book

“Flash player”

On reboot, phone can only make and receive calls.

Blue Tooth

services

Page 8: Pocket Hypervisors: Opportunities and Challenges

D u k e S y s t e m s

Pocket Hypervisor

Partition device functionality

Isolate core services from untrusted apps.Age-old challenge: how to still allow sharing?Shared file space? Explicit message passing?

Core Guest OS

Mobile Anti-virus

3rd party Guest OS

Blue Tooth

services

“Flash player”

Blue Tooth

servicesCamera

Page 9: Pocket Hypervisors: Opportunities and Challenges

D u k e S y s t e m s

OS

Example attack: BlueBug

Mobile Anti-virus

CameraAddress book

Remote access to SIM card, can issue AT commands.(attacker can read contacts, make calls, send SMS)

Blue Tooth

services

Page 10: Pocket Hypervisors: Opportunities and Challenges

D u k e S y s t e m s

Pocket Hypervisor

Security services

Core Guest OS

Mobile Anti-virus

Camera

3rd party Guest OS

AppAppBlue

Tooth services

Security servicesSecurity services

Difficult to stop this attack (can’t force BT to properly authenticate)Hypervisor can still provide secure logging, profiling servicesKey challenge: how to expose and log guest state efficiently

Page 11: Pocket Hypervisors: Opportunities and Challenges

D u k e S y s t e m s

Pocket hypervisors are practical and useful.

Security Opportunistic services

Hardware support

Page 12: Pocket Hypervisors: Opportunities and Challenges

D u k e S y s t e m s

Expose information about environment Light, pressure, temperature readings

Expands vantage point of owner Hundreds of observation points Streamed/aggregated to central location

Mote price-performance ratio Cheap nodes allow large deployments (cover large area, overcome failures) Powerful nodes allow complex applications

Sensor networks

Page 13: Pocket Hypervisors: Opportunities and Challenges

D u k e S y s t e m s

Expose information about environment Network events, MAC addresses, ESSIDs

Expands vantage point of owner Hundreds of observation points Streamed/aggregated to central location

Phone price-performance ratio Cheap nodes allow large deployments (cover large area, overcome mobility) Powerful nodes allow complex applications

Mobile phones as sensors

Page 14: Pocket Hypervisors: Opportunities and Challenges

D u k e S y s t e m s

Opportunistic services

COPSE (new project at Duke) Concurrent opportunistic sensor environment “A thicket of small trees cut for economic purposes.”

Allow execution of untrusted service instances Enables mobile testbeds, opportunistic sensor nets Hypervisor ensures isolation (performance, energy)

Key tension Encourage volunteers to participate Support useful services

Page 15: Pocket Hypervisors: Opportunities and Challenges

D u k e S y s t e m s

Internet

What are the disincentives to participate?

Page 16: Pocket Hypervisors: Opportunities and Challenges

D u k e S y s t e m s

Example disincentive

DukeFrancHome

DukeFrancHome

Adversaries shouldn’t be

able to upload location

trackers.

Page 17: Pocket Hypervisors: Opportunities and Challenges

D u k e S y s t e m s

Location privacy

Could enforce execution regions Only execute guests within a physical region Requires access to a location service

Could “scrub” MAC addresses Hypervisor manages device namespace Translate names between VM and network

Page 18: Pocket Hypervisors: Opportunities and Challenges

D u k e S y s t e m s

Wireless NIC Wireless NIC

Hypervisor

Guest OS

App

Guest OS

App

VDriverVDriver

00:18:DE:2C:A3:8A

00:0C:29:4E:F4:1C 00:30:65:0D:11:61

Machine Driver

Hypervisor

Guest OS

App

Guest OS

App

VDriverVDriver

00:0C:29:4E:F4:1C

00:18:DE:2C:A3:8A 00:13:21:B7:94:B9

Machine Driver

N2 = 00:30:65:0D:11:61

N2 = 00:30:65:0D:11:61

N1 = 00:13:21:B7:94:B9

N1 = 00:13:21:B7:94:B9

Node One (N1) Node Two (N2)

Page 19: Pocket Hypervisors: Opportunities and Challenges

D u k e S y s t e m s

Conclusions

Pocket hypervisors are practical and useful Practicality

Commodity devices support for virtualization Devices resources are becoming more plentiful

Usefulness Device security Opportunistic services