Virtual Machine-based program modification

* Background

Virtualization techniques has made it possible to insert extra software layers underneath software that was previously running at the lowest system level, such as OS kernels.

The extra software layer have been used to multiplex the system resources into isolated virtual machines, migrating running systems from one physical host to another, etc.

But the possibilities do not end there.

* Project objective

The first objective with this project is to develop a software instrumentation toolkit that can run inside a virtual machine monitor. The toolkit will enable the virtual machine monitor to do on-the-fly modifications to the executing machine code as it is running. This will enable enforcement of arbitrary fine grained security properties of the running programs.

The second objective is to develop a framework security policies, including a language, and means to compile the policies into instrumentation instructions for the instrumentation toolkit, so that the policy is applied to the running code.

The extent of this project is suitable for two MSc students to carry out in collaboration.

* Task description

The toolkit will be built using the LLVM software for the internal representation of the code, and will use just-in-time compilation techniques from dynamically typed languages, including specialization, inlining, etc., to achieve efficient dynamic code generation.

One task is to implement emulation code for the machine instructions of the Intel x86 family processors, including support for the more complex instructions that change the GDT, IDT, and CRs, as the virtual machines will run system level code.

Another task is to investigate what kind of security checks that can efficiently be added to the code, and show by a concrete example how to encode them into a language, that is parsed and executed from the toolkit developed in the first task.

The two tasks have to be carried out concurrently, as the requirements from the second task influences what interface the toolkit should provide to the programmer.

* Skills

The Master Thesis work requires very good understanding of C/C++, a good understanding of how computers operate on a low level, such as inside the operating system. Some hands on experience with x86 assembly language is very helpful. Understanding of compilers is necessary for the second task.

Knowledge about virtualization and the Xen hypervisor, as well as acquaintance with the LLVM framework is very meriting.

If you have any project code or results that document your abilities, please send them in with the application.

* Applying

Please apply by e-mail to the thesis contact point.

An application has to include

* CV with your education, professional experience, and specific skills
* your courses and grades
* an article, paper, thesis or other relevant documents you have written in your education in order to judge your ability to express yourself in English.

The most important is not how the application looks, but if it shows that you have the necessary skills.

Also, remember that it is Master Thesis work - you ARE supposed to pick up a few things along the way!


* Work environment

The work will be carried out together with members of the Secure Systems group.

The work can be carried out both at SICS in Kista or remotely, but at least the initial work and later weekly meetings should be held at SICS' offices in Kista.

* About SICS

Swedish Institute of Computer Science, SICS, is a non-profit research organisation focusing on applied computer science.

SICS employs approx. 100 researchers, including 45 PhDs plus approx. 20 students working on their Master Thesis.

* Contact

Please contact [email protected] with your application, or for further questions about the project.