TUM Logo

Holistic Protection against Memory Exfiltration Attacks via On-the-Fly Virtualization

Holistic Protection against Memory Exfiltration Attacks via On-the-Fly Virtualization

Supervisor(s): Manuel Andreas
Status: finished
Topic: Others
Author: Philipp Stratil
Submission: 2023-11-15
Type of Thesis: Masterthesis


Each day, everyone one of us generates vast amounts of digital data

on our computing devices. A lot of this data can be considered

sensitive – and does not have to include company secrets or otherwise

classified data in order to be considered important. Even just

regular personal data is worthy of protection; hardware and software

manufacturers have realized this and as a result, all modern phones

and computers can protect their user’s data via means of encryption.

Unfortunately, almost all of the mainstream focus has been on

protection of data at rest – no consumer devices protect the user’s

data during processing, while it is stored in main memory, and where

it is vulnerable to so-called cold boot attacks. In this thesis, we

approach the problem of protecting main memory contents from data

exfiltration attacks by combining several techniques that have been

explored in literature before – such as on-the-fly virtualization and

CPU-bound encryption – in order to assess the viability of a system

that provides on-demand memory encryption of a system’s main memory.

We present a proof-of-concept implementation of a hypervisor that

transparently encrypts and decrypts the system RAM of a running Linux

system, evaluate its performance, and talk about the challenges that

we encountered during the implementation.