Presentation is loading. Please wait.

Presentation is loading. Please wait.

11 World-Leading Research with Real-World Impact! ZeroVM Backgroud Prosunjit Biswas Institute for Cyber Security University of Texas at San Antonio April.

Published byBriana Kelly Modified over 8 years ago

Similar presentations

Presentation on theme: "11 World-Leading Research with Real-World Impact! ZeroVM Backgroud Prosunjit Biswas Institute for Cyber Security University of Texas at San Antonio April."— Presentation transcript:

1 11 World-Leading Research with Real-World Impact! ZeroVM Backgroud Prosunjit Biswas Institute for Cyber Security University of Texas at San Antonio April 23, 2014 Institute of Cyber Security, ICS @ UTSA Institute for Cyber Security

2 22 World-Leading Research with Real-World Impact! Motivation Behind ZeroVM Institute for Cyber Security 1.In Amazon map/reduces a considerable amount of overhead was due to fetching the data from s3 to EC2 Instances and put it back to s3. 2.The overhead was hurting when the customers need to remake to cluster and do the map/reduce again. 3.A significant amount of customer’s money was spent due to moving the data back and forth.

3 33 World-Leading Research with Real-World Impact! Motivation Behind ZeroVM(continued) Institute for Cyber Security 1.can we bring to Application to the data(very limited I/O overhead)? 2.How can we ensure no harm even if the application is malicious? Challenge with High I/O Challenge with Application Isolation

4 44 World-Leading Research with Real-World Impact! What is ZeroVM Institute for Cyber Security ZeroVM is an open–source lightweight virtualization platform based on the Chromium Native Client project.

5 55 World-Leading Research with Real-World Impact! ZeroVM Properties Institute for Cyber Security 1. ZeroVM virtualizes Application not Operating System. 2. Single threaded (thus deterministic) execution 3. Constraint Resource  Channel based I/O  Predefine socket port / network  Restricted Memory Access  Limited Read/ Write (in bytes)  Limited life time / Predefined timeout

6 66 World-Leading Research with Real-World Impact! ZeroVM Properties Institute for Cyber Security 1. ZeroVM virtualizes Application not Operating System. 2. Single threaded (thus deterministic) execution 3. Constraint Resource  Channel based I/O  Predefine socket port / network  Restricted Memory Access  Limited Read/ Write (in bytes)  Limited life time / Predefined timeout

7 77 World-Leading Research with Real-World Impact! Popular Virtualizations Institute for Cyber Security 1. ZeroVM virtualizes Application not Operating System. 2. Does zeroVM uses process level virtualization ? OS Level Virtualization Process Level Virtualization No

8 88 World-Leading Research with Real-World Impact! Popular Virtualizations Institute for Cyber Security OS Level Virtualization Process Level Virtualization Pros: 1.Complete Isolation  Dedicated V. Memory  Dedicated V. Storage  Dedicated V. CPU 2. Flexible Architecture Almost all OS is supported 3. Fault Tolerance Cons: 1.High Resource Overhead 2.High Maintenance Cost. Pros: 1.Easy to maintain 2. Comparative low overhead. Cons: 1.Single Large Fault domain a.One malicious app may crush the whole system. 2.No Complete isolation.

9 99 World-Leading Research with Real-World Impact! ZeroVM Virtualization Institute for Cyber Security Process Level Virtualization Pros: 1.Nearly Complete Isolation -Uses Google Native Client (NaCl) Project 2.Low Resource overhead. 3. Fault Tolerant Cons: 1.Run Only special executables/ binary. 2. 3.No support for existing

10 10 World-Leading Research with Real-World Impact! ZeroVM Properties Institute for Cyber Security 1. ZeroVM virtualizes Application not Operating System. 2. Single threaded (thus deterministic) execution 3. Constraint Resource  Channel based I/O  Predefine socket port / network  Restricted Memory Access  Limited Read/ Write (in bytes)  Limited life time / Predefined timeout

11 11 World-Leading Research with Real-World Impact! ZeroVM Properties Institute for Cyber Security 1. ZeroVM virtualizes Application not Operating System. 2. Single threaded (thus deterministic) execution 3. Constraint Resource  Channel based I/O  Predefine socket port / network  Restricted Memory Access  Limited Read/ Write (in bytes)  Limited life time / Predefined timeout Single Threaded Execution: 1.No Fork 2.No Context Switch 3.No Fault due to Undeterministi c concurrency

12 12 World-Leading Research with Real-World Impact! ZeroVM Properties Institute for Cyber Security 1. ZeroVM virtualizes Application not Operating System. 2. Single threaded (thus deterministic) execution 3. Constraint Resource  Channel based I/O  Predefine socket port / network  Restricted Memory Access  Limited Read/ Write (in bytes)  Limited life time / Predefined timeout

13 13 World-Leading Research with Real-World Impact! Channel Based Input / Output Institute for Cyber Security 1. ZeroVM virtualizes Application not Operating System. 2. Single threaded (thus deterministic) execution 3. Constraint Resource  Channel based I/O  Predefine socket port / network  Restricted Memory Access  Limited Read/ Write (in bytes)  Limited life time / Predefined timeout Before execution ZeroVM is given a manifest/ configuration file which specify predefined Resources through Channel. Input file, Output file / File System Network (socket, DNS) Memory Channel = /tmp/input.txt, /dev/stdin, 0, 1, 0x1000, 0x1000, 0, 0 Which means : Zerovm input (/dev/stdin) comes from : /tmp/input.txt of local filesystem. 0: Only sequential Read / Write is allowed 0x1000: only 1000 bytes is allowed to be read from input file. 0: 0 bytes can be written to /tmp/input.txt

14 14 World-Leading Research with Real-World Impact! An example Manifest file Institute for Cyber Security 1. ZeroVM virtualizes Application not Operating System. 2. Single threaded (thus deterministic) execution 3. Constraint Resource  Channel based I/O  Predefine socket port / network  Restricted Memory Access  Limited Read/ Write (in bytes)  Limited life time / Predefined timeout Channel = /dev/null, /dev/stdin, 0, 1, 999999, 999999, 0, 0 Channel = /dev/stdout, /dev/stdout, 0, 1, 0, 0, 999999, 999999 Channel = /dev/stderr, /dev/stderr, 0, 1, 0, 0, 999999, 999999 Version = 20130611 Program = hello.nexe Memory = 33554432, 1 Timeout = 1

15 15 World-Leading Research with Real-World Impact! ZeroVM Properties Institute for Cyber Security 1. ZeroVM virtualizes Application not Operating System. 2. Single threaded (thus deterministic) execution 3. Constraint Resource  Channel based I/O  Predefine socket port / network  Restricted Memory Access  Limited Read/ Write (in bytes)  Limited life time / Predefined timeout Single Threaded Execution: 1.No Fork 2.No Context Switch 3.No Fault due to Undeterministic concurrency

16 16 World-Leading Research with Real-World Impact! Binary Support for ZeroVM Institute for Cyber Security ZeroVM executables have to be precompiled in.nexe format. Currently only C (C99) and python executables are supported. Existing C executables and python interpreter need recompilation to modify / eliminate sensitive system calls.

17 17 World-Leading Research with Real-World Impact! ZeroVM from a theoretical standpoint Institute for Cyber Security ZeroVM Google Native Client Software Fault Isolation Functional Dependency and Security Feature

18 18 World-Leading Research with Real-World Impact! ZeroVM from a theoretical standpoint Institute for Cyber Security ZeroVM Google Native Client Software Fault Isolation Functional Dependency and Security Feature

19 19 World-Leading Research with Real-World Impact! Software Fault Isolation Institute for Cyber Security Trusted Code ( Ex: Distributed by Google ) Untrusted Code ( Ex: Third party extensions) Ex: Google Chrome Project Malicious access Fault Isolation Techniques: 1.Address Space Abstraction by OS Cons: 1. Communication between address space is very costly. Valid access

20 20 World-Leading Research with Real-World Impact! Software Fault Isolation Institute for Cyber Security Fault Domain: -- Contiguous region of memory. -- have different code and data segment -- Code from different trust level have own fault domain. Cross Domain Communication: -- No direct memory access -- All call are implemented by RPC Single Domain Restricted Access: -- the module cannot change Code segment. (dangerous, self modifying code) -- Every jump instruction must not pass single domain. -- Most Jumps are statically verified otherwise -- verified at run time with help of checking code. Fault domain1 Fault doman2 Fault domain3 Distributed code / extensions must be recompiled/rewritten.

21 21 World-Leading Research with Real-World Impact! Google Native Client (NaCl) Institute for Cyber Security Fault Domain: -- Contiguous region of memory. -- have different code and data segment -- Code from different trust level have own fault domain. Cross Domain Communication: -- No direct memory access -- All call are implemented by RPC Single Domain Restricted Access: -- the module cannot change Code segment. (dangerous, self modifying code) -- Every jump instruction must not pass single domain. -- Most Jumps are statically verified otherwise -- verified at run time with help of checking code. Fault domain1 Fault doman2 Fault domain3 Distributed code / extensions must be recompiled/rewritten.

22 Thank You World-Leading Research with Real-World Impact!

Download ppt "11 World-Leading Research with Real-World Impact! ZeroVM Backgroud Prosunjit Biswas Institute for Cyber Security University of Texas at San Antonio April."

Similar presentations

Applications of Feather-Weight Virtual Machines (FVMs) Hadi Salimi Distributed Systems Lab, School of Computer Engineering, Iran University of Science.

Applications of Feather-Weight Virtual Machines (FVMs) Hadi Salimi Distributed Systems Lab, School of Computer Engineering, Iran University of Science.
Department of Computer Science and Engineering University of Washington Brian N. Bershad, Stefan Savage, Przemyslaw Pardyak, Emin Gun Sirer, Marc E. Fiuczynski,

Department of Computer Science and Engineering University of Washington Brian N. Bershad, Stefan Savage, Przemyslaw Pardyak, Emin Gun Sirer, Marc E. Fiuczynski,
Ensuring Operating System Kernel Integrity with OSck By Owen S. Hofmann Alan M. Dunn Sangman Kim Indrajit Roy Emmett Witchel Kent State University College.

Ensuring Operating System Kernel Integrity with OSck By Owen S. Hofmann Alan M. Dunn Sangman Kim Indrajit Roy Emmett Witchel Kent State University College.
EXTENSIBILITY, SAFETY AND PERFORMANCE IN THE SPIN OPERATING SYSTEM B. Bershad, S. Savage, P. Pardyak, E. G. Sirer, D. Becker, M. Fiuczynski, C. Chambers,

EXTENSIBILITY, SAFETY AND PERFORMANCE IN THE SPIN OPERATING SYSTEM B. Bershad, S. Savage, P. Pardyak, E. G. Sirer, D. Becker, M. Fiuczynski, C. Chambers,
Extensibility, Safety and Performance in the SPIN Operating System Presented by Allen Kerr.

Extensibility, Safety and Performance in the SPIN Operating System Presented by Allen Kerr.
Threads, SMP, and Microkernels Chapter 4. Process Resource ownership - process is allocated a virtual address space to hold the process image Scheduling/execution-

Threads, SMP, and Microkernels Chapter 4. Process Resource ownership - process is allocated a virtual address space to hold the process image Scheduling/execution-
Chapter 4 Threads, SMP, and Microkernels Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design.

Chapter 4 Threads, SMP, and Microkernels Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design.
Lightweight Remote Procedure Call Brian N. Bershad, Thomas E. Anderson, Edward D. Lazowska, and Henry M. Levy Presented by Alana Sweat.

Lightweight Remote Procedure Call Brian N. Bershad, Thomas E. Anderson, Edward D. Lazowska, and Henry M. Levy Presented by Alana Sweat.
Operating Systems CMPSCI 377 Lecture 11: Memory Management

Operating Systems CMPSCI 377 Lecture 11: Memory Management
Network Implementation for Xen and KVM Class project for E6998-01: Network System Design and Implantation 12 Apr 2010 Kangkook Jee (kj2181)

Network Implementation for Xen and KVM Class project for E : Network System Design and Implantation 12 Apr 2010 Kangkook Jee (kj2181)
OS Spring’03 Introduction Operating Systems Spring 2003.

OS Spring’03 Introduction Operating Systems Spring 2003.
OPERATING SYSTEMS Introduction

OPERATING SYSTEMS Introduction
Inter-Process Communication  most OSs provide several abstractions for inter- process communication: message passing, shared memory, etc.  communication.

Inter-Process Communication  most OSs provide several abstractions for inter- process communication: message passing, shared memory, etc.  communication.
Slide 3-1 Copyright © 2004 Pearson Education, Inc. Operating Systems: A Modern Perspective, Chapter 3 Operating System Organization.

Slide 3-1 Copyright © 2004 Pearson Education, Inc. Operating Systems: A Modern Perspective, Chapter 3 Operating System Organization.
Virtualization for Cloud Computing

Virtualization for Cloud Computing
Page 1 Sandboxing & Signed Software Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.

Page 1 Sandboxing & Signed Software Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.
Presented by: Alvaro Llanos E.  Motivation and Overview  Frangipani Architecture overview  Similar DFS  PETAL: Distributed virtual disks ◦ Overview.

Presented by: Alvaro Llanos E.  Motivation and Overview  Frangipani Architecture overview  Similar DFS  PETAL: Distributed virtual disks ◦ Overview.
Efficient Software-Based Fault Isolation—sandboxing Presented by Carl Yao.

Efficient Software-Based Fault Isolation—sandboxing Presented by Carl Yao.
Stack Management Each process/thread has two stacks  Kernel stack  User stack Stack pointer changes when exiting/entering the kernel Q: Why is this necessary?

Stack Management Each process/thread has two stacks  Kernel stack  User stack Stack pointer changes when exiting/entering the kernel Q: Why is this necessary?
Previous Next 06/18/2000Shanghai Jiaotong Univ. Computer Science & Engineering Dept. C+J Software Architecture Shanghai Jiaotong University Author: Lu,

Previous Next 06/18/2000Shanghai Jiaotong Univ. Computer Science & Engineering Dept. C+J Software Architecture Shanghai Jiaotong University Author: Lu,

Similar presentations

Ads by Google