Determining Forensic Data Requirements for Detecting Hypervisor Attacks: NIST Releases Draft NISTIR 8221

0

NIST Requests Comments on Draft NISTIR 8221, “A Methodology for Determining Forensic Data Requirements for Detecting Hypervisor Attacks”

NIST has released Draft NIST Internal Report (NISTIR) 8221, A Methodology for Determining Forensic Data Requirements for Detecting Hypervisor Attacks, which analyzes recent vulnerabilities associated with two open-source hypervisors—Xen and KVM—as reported by the NIST National Vulnerability Database. The document develops a profile of those vulnerabilities in terms of hypervisor functionality, attack type, and attack source. The objective is to determine the evidence coverage for detecting and reconstructing those attacks and subsequently identify the techniques required to gather missing evidence. The methodologies outlined can assist cloud providers in enhancing the security of their virtualized infrastructure and take proactive steps toward preventing such attacks on their operating environment in the future.

A public comment period for this draft document is open until October 12, 2018.

CSRC Update:
https://csrc.nist.gov/news/2018/nist-releases-draft-nistir-8221-for-comment

Publication details:
https://csrc.nist.gov/publications/detail/nistir/8221/draft

Share.