Taming Hosted Hypervisors with (Mostly) Deprivileged Execution

Author(s): Chiachih Wu, Zhi Wang, Xuxian Jiang

Download: Paper (PDF)

Date: 23 Apr 2013

Document Type: Presentations

Additional Documents: Slides

Associated Event: NDSS Symposium 2013

Abstract:

Virtualizing a computer system is a complex task. Existing hosted hypervisors typically have a large code base which might introduce exploitable software bugs. DeHype is proposed to reduce the exposed attack surface of a hosted hypervisor by deprivileging most of its execution to user mode, which also brings additional benefits in allowing for better development as well as concurrent execution of multiple hosted hypervisors in the same physical machine.