Threat Model

In our analysis, we contemplate a scenario where an attacker lacks physical access to the machine and assume their objective is to undermine the confidentiality and integrity of virtual machine (VM) data. Our focus encompasses attacks that breach confidentiality and integrity. This encompasses compromising the hypervisor or any other software to gain unauthorized access to, or modify, private VM memory or register state. Such attacks could be facilitated through mechanisms like controlling DMA-capable devices or exploiting vulnerabilities through memory remapping and aliasing techniques.

In our scope, we operate under the assumption that a VM will not willingly disclose its own private data, whether inadvertently or intentionally. We also consider attacks stemming from other compromised VMs, which encompass attempts to compromise confidentiality and integrity. However, attacks originating from a compromised hypervisor that aim to disrupt availability are excluded from our scope.

It's important to note that our article does not cover safeguards against known software error injection attacks and side-channel attacks. These particular forms of attacks necessitate the application of specialized architectural mitigations, which fall beyond the purview of our discussion.

Furthermore, certain types of attacks involving dynamic random-access memory (DRAM), such as cold boot attacks, live probing, or replay attacks, are not within the scope of our threat model. These attacks require additional hardware and are thus not considered in our analysis.