New computer network security threat identified

Feb 22, 2008

Large companies are vulnerable to hackers when they network their computers for cost-saving live virtual machine migration, University of Michigan researchers say.

Virtualization, which allows multiple operating systems, or "virtual machines" and their applications to share one physical server, has been possible for decades, but live virtual machine migration is relatively new.

It allows individual virtual machines to migrate among several servers throughout the day with little service downtime, equalizing the load on the servers as it fluctuates. The security of live virtual machine migration has not been studied extensively, but the set-up is common in large companies today.

Hackers could intercept data and compromise the integrity of a virtual machine's operating system during live migration, said Jon Oberheide, a doctoral candidate in the electrical engineering and computer science department. The most popular software doesn't encrypt the information as it travels from server to server.

How does Oberheide know this? He hacked into his own migrating virtual machines.

"I was setting up a live virtual machine migration network in my office and I started poking around, and I noticed that it was totally insecure," Oberheide said.

As a short-term fix, companies can isolate their migration network from other network traffic or install hardware encryption devices on all their physical servers, Oberheide said.

"The important thing is to raise awareness of the vulnerability," Oberheide said. "Solutions are feasible, but they're not implemented by the most popular vendors. What is really needed is authenticated and encrypted migration so the attacker cannot perform these attacks, so that even if he can see the migration, he can't modify it."

Oberheide details his findings in a talk at the Black Hat D.C. computer security conference this week. He will present the paper, "Empirical Exploitation of Live Virtual Machine Migration." Other authors are research fellow Evan Cooke and professor Farnam Jahanian, both of U-M's Department of Electrical Engineering and Computer Science.

Source: University of Michigan

Explore further: Communication-optimal algorithms for contracting distributed tensors

add to favorites email to friend print save as pdf

Related Stories

Samsung looks on as profits migrate to online ecosystems

Jul 09, 2014

There used to be a time when the launch of a Galaxy handset, a Macbook, or a fancy game console could set investor hearts on fire and firms on a path to untold riches. These days, new devices no longer have ...

Better tissue healing with disappearing hydrogels

Jun 06, 2014

When stem cells are used to regenerate bone tissue, many wind up migrating away from the repair site, which disrupts the healing process. But a technique employed by a University of Rochester research team ...

Recommended for you

Microsoft challenging US on overseas data

2 hours ago

In a case closely watched by the tech sector, Microsoft will challenge Thursday a US court order requiring it to give prosecutors electronic mail content associated with an overseas server.

Facebook's Internet.org expands in Zambia

2 hours ago

(AP)—Facebook's Internet.org project is taking another step toward its goal of bringing the Internet to people who are not yet online with an app launching Thursday in Zambia.

Sony surprises with first quarter profit

2 hours ago

(AP)—Sony Corp. reported a surprise eightfold jump in quarterly profit Thursday as sales got a perk from a cheap yen and its bottom line was helped by gains from selling buildings and its stake in a video-game maker.

Samsung profit falls as smartphone sales slow

3 hours ago

(AP)—Samsung Electronics Co. reported a bigger-than-expected fall in second quarter profit on Thursday and said it was uncertain if earnings from its handset business would improve in the current quarter.

User comments : 0