Abstract: A significant development in the malware landscape in recent years is the ability of hackers to monetize compromised platforms by (1) gathering valuable information that can be sold, (2) using the platform’s resources to aid in an illicit or unwanted activity, or (3) holding information contained on the platform for ransom. Since the attacker’s potential monetary reward is increased the more the malware is undetected, a re-emergence of malware that can mask its presence from traditional security agents has occurred. This type of malware is referred to as stealth malware. Researchers and industry have found novel uses for cloud computing to detect malware. In this article, we present an overview of these uses and identify their shortcomings. We present a cloud-computing-based architecture that improves the resiliency of the existing solutions, and we describe our prototype that is based on existing Intel platforms. We examine the new firmware that makes the existing architecture more robust. Our new platform-based tool can be utilized by security providers to help them keep pace with stealthy malware.
Introduction
Over the last three years, malware has evolved to support the new goal of malware writers and developers: to profit from their exploits. This for-profit goal has sparked the development of malware that can mask its presence on a platform. Some malware will go so far as to remove less stealthy malware from an infected computer to help avoid detection of that malware.
The cost of malware to businesses worldwide has been estimated to be in the tens of billions of dollars each year: 14.3 billion dollars in 2006 alone [1].
IT security faces a number of different challenges in combating the threat of malware. First of all there has been an explosion in malware samples. Panda Security reported that an average of 35,000 malware samples were detected each day in 2008, with the total count exceeding 15 million samples [2]. McAfee Inc. reported that the number of malware samples in their collection doubled from 10 million in March 2008 to 20 million in March 2009 [3]. This explosion in the number of samples underscores the reality that no client can have an up-to-date list of known malware at any given time. Moreover, security agents are required to spend ever more resources to test files against the multitude of known malware signatures. In certain situations, security agents consume 50-60 percent of the CPU resources [4].
Considering the ubiquity of malware samples, academia and industry have identified opportunities to use cloud computing to detect malware [5, 6]. There are a number of possible cloud-computing solution models. Figure 1 shows a generic system architecture for a cloud-based, anti-virus service. One model is a service model, where a host runs a lightweight process that collects relevant samples (such as files) and sends them to a network service. The network service performs the analysis to determine if the sample contains malware, and if so, it directs the lightweight process to quarantine the sample. Another approach is where the host agent maintains only a subset of the known malware signatures and a list of common software applications.
Figure 1 Cloud-based Anti-virus Service (Source: Intel Corporation, 2009)
Cloud computing provides a number of benefits to malware detection. It reduces the amount of storage and computational resources on the client, and it simplifies the management of signature files, as it is centrally located. Moreover, whenever a previously unidentified malware sample is presented to the cloud, the security vendor can apply much more sophisticated and computationally expensive heuristics to determine the threat profile of the software.
Cloud computing, however, does not protect host agents from malware. Host agents need mechanisms to prevent or detect the agents that have been disabled or subverted. A number of proposals have been put forth to provide a better protection mechanism for host agents [7, 8, 9, 10, 11, and 12]. A number of these approaches center on the use of virtualization to provide an isolated execution environment for security agents. In this article, we examine platform features that can be used to isolate the host agent in order to provide protection against different threat vectors.
Organization of this Article
We start out by discussing threats to host agents. We then outline a generic architecture for malware detection, based on enhanced cloud computing. We continue with a description of how Intel platform technologies can be used to enhance computing solutions, and we end with a threat analysis of the approaches discussed.
Threats to Host Agents
The host agent on the platform must provide reliable information to the cloud service to be effective, just as host-only malware detection systems have to do to be effective. If malware is able to exploit vulnerability in the system (for example, a buffer overflow in a browser plug-in) and subvert the host agent, it can execute undetected.
These are some ways the host agent can be subverted:
- Tampering with the host agent. The host agent executable is modified so that it no longer poses a threat to the malware sample. Such tampering can be as simple as no longer sending files to the cloud service, or as elaborate as allowing the malware agent to filter the files that are sent to the cloud service.
- Disabling the host agent. The malware modifies the system configuration to either no longer launch or to suspend execution on the agent.
- Input filtering. The malware filters the information provided to the host agent by hooking the invocation of the system API and inserting malicious code to filter the results. Well-known hook points include the import table and the system call table. However, many more hook points exist; Wang et al. identified 41 potential file-hiding kernel hook points for the Red Hat Fedora core [10, 13].
In the last few years, malware has evolved to focus on more subversive methods of breaching system security. One such method was used by Shadow Walker wherein the interrupt descriptor table (IDT), page-fault handler was hooked. This caused the processor to return certain values when reading memory as data and other values when reading memory as code [14]. Another method discussed by security researchers is to install a malicious virtual machine monitor (VMM) to hyperjack an operating system (OS) [15]. The VMM affords the researcher the ability to observe the system without requiring any modification or hooking of the OS.
Enhancing Cloud-based Malware Detection
We illustrate a system architecture to enhance cloud-based, anti-virus services in Figure 2.
Figure 2 Enhanced Cloud-based, Anti-virus Solution (Source: Intel Corporation, 2009)
By isolating the host agent from the host environment and by providing direct access to platform resources, such as storage and memory, malware in the host can no longer attack or manipulate the host agent directly. It must instead attack the host agent partition. Since the host agent partition does not need to support general-purpose computing, it can be configured to be more secure resulting in a more robust solution. A description of the architectural components follows:
- Isolated host agent environment. An isolated execution environment contains the host agent. It supports an interface from which the host can send requests. It provides direct access to host storage, and host access; disk I/O requests can be directed to this environment.
- Isolated host agent. The host agent maintains a secure, authenticated channel with the cloud-anti-virus service. The host agent monitors the host-disk I/O, and if necessary, sends the files over the secure channel to the cloud-anti-virus network service for evaluation. The host agent contains the file system logic, corresponding to the host file system, and the agent can periodically scan the physical disk to find out what files have changed; it can then send the changed files over to the cloud-anti-virus network service.
- Enhanced disk driver. An enhanced disk driver can also be used to forward disk IO requests by the file system, from the primary partition to the host agent, running in the secure container, for further processing.
- Native disk driver. The native disk driver provides direct access to the host disk hardware from the isolated partition.
Figure 3 illustrates how a cloud-anti-virus service can be extended to provide kernel rootkit detection capabilities, in addition to disk/file scan capabilities for malware. A description of the architectural components follows:
Figure 3 Cloud-based Kernel Rootkit Detection (Source: Intel Corporation, 2009)
- Kernel rootkit detector. A local rootkit detector [9], running inside the client isolated partition, exposes secure remote interfaces to the rootkit detection application that is running on the cloud-anti-virus software. In this way, the rootkit application is able to access kernel memory pages and perform basic hash comparison operations on kernel memory regions that can be used to perform integrity checks. The integrity validation operations are run on the remote server. The kernel hashes are also stored in the cloud-antivirus server and provided to the kernel rootkit detector on the client PC, if needed.
- Native memory driver. The native memory driver running in the isolated partition provides secure access to the area of system memory containing the kernel memory regions of the host OS.
The two issues that come up in remote memory integrity operations are security and network latency. We address the network security concerns by using the secure channel between the client PC and the cloud-anti-virus service, by providing interfaces for memory hash comparisons, and by restricting remote memory accesses. Network latency issues for memory validation are mitigated by the fact that most of the kernel memory sections that are checked for integrity reside in non-pageable memory on the client platform.
The kernel rootkit detector helps mitigate unknown threats or in-memory threats by detecting commonly used attack methods such as import table hooking, kernel code and static data modifications, IDT, system call table hooking, and direct kernel object manipulation.
Prototype Architectures for Combating Stealth Malware
We developed two prototypes of the system just described to validate the system design. Prototype 1 is based on the Intel® Management Engine (Intel® ME) and Prototype 2 is based on a virtual machine monitor (VMM), both of which provide additional isolation from the OS. Because they are secluded from the host OS, it is harder for an attacker to compromise these environments.
Prototype 1: Based on the Intel® Management Engine
When Intel® Active Management Technology (Intel® AMT) [16, 17], and platforms running Intel® vPro™ technology were introduced, the platforms contained an embedded microcontroller, called Intel ME. Intel ME appears as a separate integrated device on the PCI bus. It integrates different hardware engines such as bus controllers, crypto accelerators, DMA engines, and so on. Intel ME runs firmware that consists of a real-time operating system (RTOS), drivers operating the hardware engines, and manageability applications. In our prototype we take advantage of this DMA engine to access memory regions.
We first implemented an agent to scan the memory in the firmware. This agent is the traditional blacklist-based scanning agent. Because of the restrictions in Intel ME, both in terms of compute power and storage, we could only implement a limited scanning agent in Intel ME firmware. We were limited in the size of the blacklist that could be securely stored (192KB) and in the frequency of scanning operations. Considering these restrictions, we implemented a host agent in the host OS to scan the blacklist-based memory. In our prototype, we add to the Intel ME agent integrity firmware to verify the integrity of this host agent. Additionally, the Intel ME out-of-band (OOB) interface can communicate with any remote cloud-anti-virus service to notify the software if the host agent is modified at run time. Intel ME maintains the hash of the host agent in its storage area, and at regular intervals, it verifies the integrity of the run-time image of the host agent. In our paper, Runtime Kernel Rootkit Detection [9], we describe the manifest generation process and the 3-phase algorithm deployed to verify the run-time integrity of the host agent. For our prototype, we measured the integrity of the host agent by using Intel ME: the process was completed in the order of milliseconds. In future work, we propose to explore event-driven, host-agent scanning to address any timing attacks. Our prototype architecture is shown in Figure 4.
Figure 4 Intel® Management Engine Architecture (Source: Intel Corporation, 2009)
Prototype 2: Based on the Virtual Machine Monitor
In this, the second of our prototypes, we considered a virtual machine (VM) as an isolated environment and also utilized the extension of our first prototype to measure the integrity of a VMM.
In order to understand why we chose VMM as an isolated environment, we first present a brief overview of a virtualization-based system that uses hardware virtualization. We utilized Intel® Virtualization Technology (Intel® VT) on our platform. Virtualization refers to the technique of partitioning the physical resources of a processor or a chipset into VMs and inserting a higher privilege executive under the OS. This executive is known as a VMM. The privilege level is called as VMX-root mode in Intel® Virtualization Technology (Intel® VT) for IA-32, Intel® 64 and Intel® Architecture (Intel® VT-x). A control transfer into the VMM is called a VMExit, and the transfer of control to a VM is called a VMEntry. A VM can explicitly force a VMExit by using a VMCALL instruction. A guest OS runs in VMX non-root mode that ensures that critical OS operations cause a VMExit. This allows the VMM to enforce isolation policies. We enhanced the prototype described in [9] by adding a light-weight VMM to this prototype. This VMM provides us the capabilities to monitor system events as required and to create shadow page tables as needed, in order to intercept paging events and modifications to data structures. System components, manifest generation, and an integrity verification algorithm are discussed in detail in [9]. We added additional Intel ME firmware to our research prototype to verify the integrity of the VMM itself [11]. The architecture is shown in Figure 5.
Figure 5 Virtualized Environment Architecture (Source: Intel Corporation, 2009)
The key architectural components of our second prototype based on Deep Watch, as described in [11], are the Intel ME firmware with an integrity verification module and a VMM integrity application service inside the cloud-anti-virus service. With simple support from the BIOS system management interrupt (SMI) handler, the processor state and register information can be ascertained, and from these, Intel ME can reconstruct the virtual memory page tables for the VMM. System management mode (SMM) is a special-purpose operating mode that handles system-wide functions such as power management, system hardware control, or proprietary OEM-designed code. The main benefit of SMM is that it offers a distinct and easily isolated processor environment that is transparent to the OS or to the executive and software applications. When SMM (SMI handler) is invoked through an SMI, the processor saves the current state of the processor (the processor’s context), then switches to a separate operating environment contained in system management RAM (SMRAM). This processor state can be gathered in the SMI handler and communicated to Intel ME via a hardware interface. The processor state obtained by Intel ME can be utilized to reconstruct memory page tables to verify the run-time integrity of the VMM. Additionally, Intel ME can communicate all the information (processor state and memory pages) to the cloud-anti-virus service. The remote anti-virus service can then verify the run-time integrity of the VMM, thus overcoming the computational limitations of Intel ME. We also built a similar research prototype to measure the integrity of host OS drivers from the PCI DMA device as described in [12].
Threat Analysis
We assume that the attacker has full access to and control of the OS, including the kernel, and is able to insert, modify, or delete kernel drivers; however, we assume the attacker is not able to modify Intel ME firmware or SMRAM. Our assumption implies that the attack space is large in scope and ranges from simple user-space attacks to the kinds of attacks that seek to modify critical kernel data structures so as to compromise the user OS or VMM itself. Examples of some of these kinds of attacks include hooking of the import table, IDT, or system call table, kernel code and static data modifications, and direct kernel object manipulation. For an overview of kernel rootkit techniques please refer to [18].
Following are the threat vectors we address in Prototype 1:
- Threats to the host agent. Kernel code modifications, import tables, IDT, and system call-table hooking are mitigated by the kernel rootkit detector in Intel ME. Intel ME has an OOB interface to read memory through its DMA interface, and thus it guarantees that the rootkit detector has an unobstructed and unmodified view of memory.
- Unknown kernel attacks. If the kernel rootkit detector in Intel ME detects any suspicious behavior or pattern, then it can communicate with the cloud-anti-virus server for a detailed scan.
In Prototype 2 we address the same threats as in Prototype 1 as well as VMM attacks:
- Threats to the host agent. The host agent is protected against attacks from malware by the VMM.
- Unknown kernel attacks. The host agent, enhanced with our kernel root detector, provides the ability to detect any suspicious behavior or pattern.
- VMM attacks. With direct access to memory and the Runtime Kernel Rootkit Detection (RKRD) system in Intel ME, a compromised VMM can be detected.
Summary
In this article we describe the motivation for using cloud computing in the fight against malware, as proposed by both academia and industry. We examine the threats against cloud-based, anti-virus services, which are primarily directed towards the host agents running on the clients that provide input to the cloud-anti-virus engine. We then propose some platform-based features, based on Intel architecture, that can be used to mitigate threats against host agents. Our research prototypes use a combination of Intel virtualization technology and Intel chipset technologies, such as Intel ME, to effectively mitigate most of the threats against host agents in cloud-anti-virus service environments. Thus, these new usages of our technologies can help bring the benefits of cloud-anti-virus services to our end customers.
References
[1] “The Economic Impact of Viruses, Spyware, Adware, Botnets and other Malicious Code.” Computer Economics, 2007 Malware Report.
[2] Annual Report PandaLabs 2008. At http://www.pandasecurity.com
[3] F. Paget. “Avert Passes Milestone: 20 Million Malware Samples.” March ;10, 2009. At http://www.avertlabs.com
[4] T. Watson. “Antivirus Vendors Push Toward Cloud Computing.” Dark Reading, September 17, 2008. At http://www.darkreading.com
[5] J. Oberheide et al. “Cloud AV: N-Version Anti-virus in the Network Cloud.” In Proceedings of the 17th Usenix Security Symposium, pages 91-206, July 2008.
[6] McAfee, Inc. “Artermis Technology—Always–on, Real–Time Protection.” Whitepaper, 2008. At http://www.mcafee.com
[7] N. Petroni Jr. et al. ”Copilot–a coprocessor–based kernel runtime integrity monitor.” In Proceedings of the 13th Usenix Security Symposium, pages 179-194, August 2004.
[8] VMware, Inc. “VMsafe Security Technology.” A set of web pages. At http://www.vmware.com
[9] S. Grover et al. “RKRD: Runtime Kernel Rootkit Detection.” SECRYPT, 2008. To be published by Springer.
[10] X. Zhao et al. “Towards Protecting Sensitive Files in a Compromised System.” In Proceedings of the Third IEEE international Security in Storage Workshop, December 13, 2005.
[11] Y. Bulygin et al. “Chipset based detection and removal of virtualization malware.” Black Hat USA, 2008.
[12] R. Sahita et al. “OS Independent Run-Time System Integrity Services.“ Intel Corporation 2005. Whitepaper. At http://www.intel.com
[13] Z. Wang et al. “Countering Persistent Kernel Rootkits Through Systematic Hook Discovery.” 11th International Symposium on Recent Advances in Intrusion Detection (RAID), Boston, MA, September 15–17, 2008.
[14] S. Sparks and J. Butler. ”Shadow Walker: Raising the bar for rootkit detection.” Black Hat Japan, 2005.
[15] J. Rutkowska. “Subverting Vista Kernel for fun and profit.” Black Hat USA, 2006.
[16] Intel Corporation. “Built-in Manageability and Proactive Security.” Whitepaper, 2006. At http://www.intel.com
[17] O. Levy et al. “Advance Security Features of Intel® vPro Technology.” Intel Technology Journal, Volume 12, Issue 04, December 2008.
[18] Skape and Skywing. “A Catalog of Windows Local Kernel-mode Backdoor Techniques.” Uniformed Journal, Volume 8, September 2007. At http://www.uniformed.org
Acknowledgments
We acknowledge our reviewers and contributors, among them Yasser Rasheed, Ernie Brickell, and David Durham.
This article and more on similar subjects may be found in the Intel Technology Journal, June 2009 Edition, “Advances in Internet Security”. More information can be found at http://intel.com/technology/itj.
About the Authors
Carlos Rozas is a Senior Staff Security Researcher at Intel Labs in Hillsboro, Oregon. Carlos has 13 years research and development experience in the security area, including content protection, tamper resistant software, and software integrity. For the last four years, he has led research efforts in trustworthy virtualization that combines trusted computing technologies and virtualization. Carlos has a B.S. degree in Computer Engineering and Mathematics and a M.S. degree in Computer Engineering from the University of Michigan. His e-mail is carlos.v.rozas at intel.com.
Hormuzd Khosravi joined Intel in 1999 and currently works as a Software Architect at Intel Labs in Hillsboro, Oregon. His areas of specialization are security, networking, and manageability, and he has been involved with Intel® Active Management Technology (Intel® AMT) architecture since 2005. He holds seven patents in this area and has more pending. Hormuzd holds a B.S. degree in Electronics Engineering from Mumbai University, India and an M.S. degree in Computer Engineering from Rutgers University, New Jersey. His e-mail is hormuzd.m.khosravi at intel.com.
Divya Kolar Sunder is a Network Software Engineer at Intel Labs in Hillsboro, Oregon. Her research interests are in the areas of platform security, networking, and manageability. She joined Intel Corporation in 2005 and has been an active researcher in various security and manageability technologies such as Intel® Active Management Technology. Her current research focus is in chipset- and platform-based security technologies, and she has played an integral role in building proof-of-concept demonstrations from research concepts. She received her M.S. degree in Computer Science from Portland State University in 2006. Her e-mail is divya.kolar at intel.com.
Yuriy Bulygin is a Technical Lead in Intel’s Security Center of Excellence. He is responsible for vulnerability analysis of Intel processor and chipset technologies. His primary interests are vulnerability analysis, exploit development, reverse engineering, and cryptography. Yuriy’s education is in cryptography and applied math and physics from Moscow Institute of Physics and Technology. His e-mail is yuriy.bulygin at intel.com.
Copyright © 2009 Intel Corporation. All rights reserved. Intel, the Intel logo, and Intel Atom are trademarks of Intel Corporation in the U.S. and other countries. *Other names and brands may be claimed as the property of others.