Printer friendly version
TU-Darmstadt Develops Theft Protection for Virtual Machines
04 August 2011
Technische Universität Darmstadt
Characteristic echo-profiles betray unauthorized data migrations
TU Darmstadt scientists have found a way to promptly detect hacker attacks on virtual machines. Companies and government agencies that employ virtual machines can thus protect data stored on them against theft.
Virtual machines are computers that incorporate no hardware and are totally simulated by software. Virtual machines are much more flexibly and efficiently utilizable than conventional computers, since, like all other types of software files, they may be rapidly transferred from one location to another with little effort. However, that particular feature harbors risks, since users will not notice unauthorized migrations out of their company’s or government-agency’s network due to hacker attacks. An entire virtual machine and all of the data stored on it may thus fall into the wrong hands within a few seconds.
However, such thefts can be prevented if virtual-machine migrations are promptly recognized. A research team headed by Dr. André König of the TU‑Darmstadt’s Multimedia Communications Lab (KOM) has developed an early-warning system based on “pinging.”
Dr. König explained that, “Individual data packets take longer to transit the network and, in some cases, even become lost, whenever virtual-machine migrations occur. Virtual-machine migrations thus transmit characteristic echo-profiles.”
He, and members of his research team, have recently developed software that recognizes such echo-profiles and triggers protective countermeasures that combat hacker attacks. However, he emphasized that time is of the essence, since “Once data has been stolen, it cannot be recovered. Hacker attacks must therefore be recognized and counteracted before virtual-machine migrations have been concluded.”