Taming Hosted Hypervisors with (Mostly) Deprivileged Execution
Download: Paper (PDF)
Date: 23 Apr 2013
Document Type: Presentations
Additional Documents: Slides
Associated Event: NDSS Symposium 2013
Virtualizing a computer system is a complex task. Existing hosted hypervisors typically have a large code base which might introduce exploitable software bugs. DeHype is proposed to reduce the exposed attack surface of a hosted hypervisor by deprivileging most of its execution to user mode, which also brings additional benefits in allowing for better development as well as concurrent execution of multiple hosted hypervisors in the same physical machine.