Security Vulnerabilities of Virtualization Technique


  • Saravanan N
  • Umamakeswari A



Virtual Machine Security, Isolation attacks, VM vulnerabilities, VM Security, Vulnerability Survey.


Cloud computing is a computing model for delivering resources in a convenient manner from a shared pool. The resources provisioned and released on an on-demand basis with minimal intervention of service provider. Cloud Computing is becoming the platform for all kind of web based services. Virtualization is the key concept to adopt the cloud computing. Virtualization offers many benefits comparing to real physical machine implementation infrastructure.  Even though virtualization provides lots of benefits, it is also brings several security vulnerabilities. This paper presents the security breaches of various virtualization techniques that are applied in virtual machines, in which health care records maintained.



[1] Definition of Cloud computing,

[2] Danielle Ruest, Nelson Ruest, “Virtualization: A Beginner’s Guideâ€, McGrawHill, 2009, Page 30.

[3] Bernd Grobauer, Tobias Walloschek, and Elmar Stocker, “Understanding cloud computing vulnerabilitiesâ€, IEEE Security and Privacy, 9(2) 50-57, March 2011.

[4] Anand. R, Sarswathi. S, Regan.R, “Security issues in virtualization environmentâ€, IEEE International Conference on Radar, Communication and Computing (ICRCC), 2012.

[5] Chunxiao Li, Raghunathan, A., Jha, N.K., “A Trusted Virtual Machine in an Untrusted Management Environmentâ€, IEEE Transactions on Services Computing, Volume: 5, Issue: 4, 2012.

[6] S. T. King, P. M. Chen, Y.-M. Wang, C. Verbowski, H. J. Wang and J.R. Lorch, “SubVirt: Implementing malware with virtual machines,†Proceedings of the IEEE Symposium on Security and Privacy, 2006. pp. 314-327.

[7] J. Rutkowska, “Subverting Vista Kernel for Fun and Profitâ€, Symposium on Security for Asia Network, SyScan and Black Hat Briefings, 2006.

[8] D.D.Zovi, “Hardware Virtualization Rootkitsâ€, /software/HVM_Rootkits_ddz_bh-usa-06.pdf.

[9] P. A. Tullmann, “The Alta operating systemâ€, Master's thesis, University of Utah, Dec. 1999.

[10] Derek Bruening, Evelyn Duesterwald and Saman Amarasinghe, “Design and implementation of a dynamic optimization framework for Windowsâ€, 4th ACM Workshop on Feedback-Directed and Dynamic Optimization (FDDO-4), December 2000.

[11] Intel Virtualization Technology: Hardware Support for efficient processor virtualization. URL: - i3- art01.pdf

[12] KVM White Paper. URL : files/8/KVM_Whitepaper.pdf

[13] James E. Smith, Ravi Nair, “The Architecture of Virtual Machinesâ€, Computer, vol.38, no.5, pp. 32-38, May, 2005.

[14] Certification Report for Processor Resource/System Manager (PR/SM) for the IBM eServer zSeries 900, BSI-DSZ-CC-0179-2003, 27 February 2003, Bundesamt fur Sicherheit in der Information stechnik: Bonn, Germany. URL:http://www. /public/files/epfiles/0179a.pdf

[15] Barham, P., Dragovic, B., Fraser, K., Hand, S. , Harris, T., Ho, A., Neugebauer, R., Pratt, I., and Warfield, A. 2003, “Xen and the art of virtualizationâ€, Proceedings of the Nineteenth ACM Symposium on Operating Systems Principles, USA, October 19 - 22, 2003.

[16] R. Sailer, E. Valdez, T. Jaeger, R. Perez, L. van Doorn, J. L. Griffin, S. Berger, “sHype: Secure Hypervisor Approach to Trusted Virtualized Systemsâ€, IBM Research reports.

[17] J. Sugerman, G. Venkitachalam, and B-H. Lim, “Virtualizing I/O Devices on VMware Workstation’s Hosted Virtual Machine Monitor,†Proc. General Track: Usenix Ann. Technical Conf. Usenix Assoc.2001, p.1-14.

[18] Emin Gun Sirer, “Nexus: A New Operating System for Trustworthy Computingâ€, TRUST (Team for Research in Ubiquitous Secure Technology), Washington DC, January 2006.

[19] Simics. URL:

[20] Fabrice, B., “QEMU: A Fast and Portable Dynamic Translatorâ€, USENIX 2005 Annual Technical conference, FREENIX, pp. 41-46, 2005.

[21] Ken Owens, Securing Virtual Computer Infrastructure in the Cloud, SavvisCorp, 2009.

[22] Shea. R, Jiangchuan Liu, “Performance of Virtual Machines under Networked Denial of Service Attacks: Experiments and Analysisâ€, IEEE Systems Journal, Volume 7, Issue 2, June 2013.

[23] C. Modi, D. Patel, B. Borisaniya, A. Patel, and M.Rajarajan, “A survey on security issues and solutions at different layers of Cloud computing,†The Journal of Supercomputing, Oct. 2012.

[24] J. Oberheide, E. Cooke, and F. Jahanian, “Empirical exploitation of live virtual machine migrationâ€, Black Hat Security Conference, Washington, DC, February 2008.

[25] M. Ver, “Dynamic load balancing based on live migration of virtual machines: Security threats and effectsâ€, Thesis report Rochester Institute of Technology, B. Thomas Golisano College of Computing and Information Sciences (GCCIS), Rochester, NY, U.S.A, 2011.

[26] S.V. Manikanthan , T. Padmapriya “An enhanced distributed evolved node-b architecture in 5G tele-communications network†International Journal of Engineering & Technology (UAE), Vol 7 Issues No (2.8) (2018) 248-254.March2018.

[27] S.V.Manikanthan and D.Sugandhi “ Interference Alignment Techniques For Mimo Multicell Based On Relay Interference Broadcast Channel †International Journal of Emerging Technology in Computer Science & Electronics (IJETCSE) ISSN: 0976-1353 Volume- 7 ,Issue 1 –MARCH 2014.

[28] T. Padmapriya, V.Saminadan, “Performance Improvement in long term Evolution-advanced network using multiple imput multiple output techniqueâ€, Journal of Advanced Research in Dynamical and Control Systems, Vol. 9, Sp-6, pp: 990-1010, 2017.