Virtualization


Date Submitted: 09/09/2013 10:11 PM


An Architecture Providing Virtualization-Based Protection Mechanisms Against Insider Attacks

Frederic Stumpf, Patrick Röder, and Claudia Eckert

Department of Computer Science, Technische Universität Darmstadt, Darmstadt, Germany {stumpf,roeder,eckert}@sec.informatik.tu-darmstadt.de

Abstract. Insider attacks are very powerful and are relevant in many scenarios, such as grid computing, corporate computing on home computers and electronic commerce of digital content. We present an example scenario to illustrate these attacks and perform a threat analysis to extract requirements for preventing insider attacks. We believe that these requirements are also representative of other scenarios. We develop a four layered protection architecture by using virtualization techniques based on these requirements. Therefore, the proposed architecture prevents insider attacks in scenarios with similar requirements as well.

1 Introduction

Insider attacks are relevant in scenarios where confidential data or intellectual property is processed, e.g., grid computing, corporate computing on home computers and electronic commerce of digital content. These attacks are more dangerous than outsider attacks, since the inside attacker can use his legitimate permissions to perform an attack, e.g., to steal data. An FBI/CSI survey [1] states that a substantial portion of losses is attributed to inside attackers, which shows that these attacks are important and must be considered. Depending on the scenario, the corresponding attacks differ in the attacker’s options to perform an attack. For example, a private user who is trying to bypass a digital rights management (DRM) protection mechanism has unlimited access to his computer. In contrast to this, office employees often do not have administrative access to their computers. The common problem of these attacks is that the attacker can modify his local system configuration to deactivate or bypass protection mechanisms. As a result,...