Attacking Disk Storage Using Hypervisor-Based Malware

Author

Jaron W. Martin

Issuing Body

Mississippi State University

Advisor

Dandass, Yoginder S.

Committee Member

Dampier, David A.

Committee Member

Morris, Thomas H.

Date of Degree

5-11-2013

Document Type

Graduate Thesis - Open Access

Major

Computer Science and Engineering

Degree Name

Master of Science

College

James Worth Bagley College of Engineering

Department

Department of Computer Science and Engineering

Abstract

Malware detection is typically performed using either software scanners running inside the operating system or external devices designed to validate the integrity of the kernel. This thesis proposes a hypervisor-based malware that compromises the system by targeting the hard disk drive and leaving the kernel unmodified. The hypervisor is able to issue read and write commands to the disk while actively hiding these actions from the operating system and any detection software therein. Additionally, the hypervisor’s presence has minimal impact on the performance of the system. The ability to perform these commands compromises the confidentiality, integrity, and availability of the stored data. As a result, this thesis has widespread implications affecting personal, corporate, and government users alike.

URI

https://hdl.handle.net/11668/17759

Recommended Citation

Martin, Jaron W., "Attacking Disk Storage Using Hypervisor-Based Malware" (2013). Theses and Dissertations. 810.
https://scholarsjunction.msstate.edu/td/810