NIST RFC: Draft NISTIR 8221, A Methodology for Determining Forensic Data Requirements for Detecting Hypervisor Attacks

NIST has released Draft NIST Internal Report (NISTIR) 8221, “A Methodology for Determining Forensic Data Requirements for Detecting Hypervisor Attacks”, which analyzes recent vulnerabilities associated with two open-source hypervisorsXen and KVMas reported by the NIST National Vulnerability Database. The document develops a profile of those vulnerabilities in terms of hypervisor functionality, attack type, and attack source. The objective is to determine the evidence coverage for detecting and reconstructing those attacks and subsequently identify the techniques required to gather missing evidence. The methodologies outlined can assist cloud providers in enhancing the security of their virtualized infrastructure and take proactive steps toward preventing such attacks on their operating environment in the future.

A public comment period for this draft document is open until October 12, 2018.

https://csrc.nist.gov/publications/detail/nistir/8221/draft

https://csrc.nist.gov/news/2018/nist-releases-draft-nistir-8221-for-comment

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s