Paper: HyperSentry: Enabling Stealthy In-context Measurement of Hypervisor Integrity

In preparation for the 17th ACM Conference on Computer and Communications Security (CCS), the North Carolina State University and IBM presented a new project called HyperSentry: a system to measure the integrity of a running hypervisor that address the shortcomings of other solutions like Copilot, HyperGuard, HyperCheck and Flicker.

Unlike existing solutions for protecting privileged software, HyperSentry does not introduce a higher privileged software layer below the integrity measurement target, which could start another race with malicious attackers in obtaining the highest privilege in the system. Instead, HyperSentry introduces a software component that is properly isolated from the hypervisor to enable stealthy and in-context measurement of the runtime integrity of the hypervisor. While stealthiness is necessary to ensure that a compromised hypervisor does not have a chance to hide the attack traces upon detecting an upcoming measurement, in-context measurement is necessary to retrieve all the needed inputs for a successful integrity measurement.

HyperSentry uses an out-of-band channel (e.g., Intelligent Platform Management Interface (IPMI), which is commonly available on server platforms) to trigger the stealthy measurement, and adopts the System Management Mode (SMM) to protect its base code and critical data. A key contribution of HyperSentry is the set of novel techniques that overcome SMM’s limitation, providing an integrity measurement agent with the same contextual information available to the hypervisor, completely protected execution, and attestation to its output.

To evaluate HyperSentry, we implement a prototype of the framework along with an integrity measurement agent for the Xen hypervisor. Our experimental evaluation shows that HyperSentry is a low-overhead practical solution for real world systems.