Chair of Computer Science II - Software Engineering


Update: This tool is no longer maintained and supported.


hInjector is a tool for injecting hypercall attacks in virtualized environments for the purpose of evaluating hypercall security mechanisms - intrusion detection systems and mandatory access control mechanisms. hInjector injects hypercall attacks during regular operation of guest virtual machines, crafted with respect to representative attack models. The current implementation of hInjector is for the Xen hypervisor, which can be ported to other open-source hypervisors, such as KVM.

For more information, please contact Aleksandar Milenkoski.


Source Code @ Github

Mailing List

To stay updated on our tools, please subscribe to our descartes-tools mailing list (low traffic, only announcements related to our tools)
Your E-mail address:
Your Name (optional):


2019[ to top ]
  • Towards Testing the Software Aging Behavior of Hypervisor Hypercall Interfaces. L. Beierlieb; L. Iffländer; A. Milenkoski; C. F. Goncalves; N. Antunes; S. Kounev; in 2019 {IEEE} International Symposium on Software Reliability Engineering Workshops ({ISSREW}) (2019).
  • Towards Testing the Performance Influence of Hypervisor Hypercall Interface Behavior. L. Beierlieb; L. Iffländer; S. Kounev; A. Milenkoski; in Proceedings of the 10th Symposium on Software Performance 2019 (SSP’19) (2019).
2015[ to top ]
  • {Evaluation of Intrusion Detection Systems in Virtualized Environments Using Attack Injection}. A. Milenkoski; B. D. Payne; N. Antunes; M. Vieira; S. Kounev; A. Avritzer; M. Luft; in The 18th International Symposium on Research in Attacks, Intrusions, and Defenses (RAID 2015) (2015).
2014[ to top ]
  • {Experience Report: An Analysis of Hypercall Handler Vulnerabilities}. A. Milenkoski; B. D. Payne; N. Antunes; M. Vieira; S. Kounev; in {Proceedings of The 25th IEEE International Symposium on Software Reliability Engineering (ISSRE 2014) --- Research Track} (2014).
  • {Technical Information on Vulnerabilities of Hypercall Handlers} A. Milenkoski; M. Vieira; B. D. Payne; N. Antunes; S. Kounev; (2014).
2013[ to top ]
  • {HInjector: Injecting Hypercall Attacks for Evaluating VMI-based Intrusion Detection Systems}. A. Milenkoski; B. D. Payne; N. Antunes; M. Vieira; S. Kounev; in The 2013 Annual Computer Security Applications Conference (ACSAC 2013) (2013).
2012[ to top ]
  • {Towards Benchmarking Intrusion Detection Systems for Virtualized Cloud Environments}. A. Milenkoski; S. Kounev; in Proceedings of the 7th International Conference for Internet Technology and Secured Transactions (ICITST 2012) (2012). 562–563.