Security Vulnerabilities of Virtualization Technique
Keywords:Virtual Machine Security, Isolation attacks, VM vulnerabilities, VM Security, Vulnerability Survey.
Cloud computing is a computing model for delivering resources in a convenient manner from a shared pool. The resources provisioned and released on an on-demand basis with minimal intervention of service provider. Cloud Computing is becoming the platform for all kind of web based services. Virtualization is the key concept to adopt the cloud computing. Virtualization offers many benefits comparing to real physical machine implementation infrastructure.Â Even though virtualization provides lots of benefits, it is also brings several security vulnerabilities. This paper presents the security breaches of various virtualization techniques that are applied in virtual machines, in which health care records maintained.
 Definition of Cloud computing, http://www.nist.gov/itl/cloud/
 Danielle Ruest, Nelson Ruest, â€œVirtualization: A Beginnerâ€™s Guideâ€, McGrawHill, 2009, Page 30.
 Bernd Grobauer, Tobias Walloschek, and Elmar Stocker, â€œUnderstanding cloud computing vulnerabilitiesâ€, IEEE Security and Privacy, 9(2) 50-57, March 2011. Anand. R, Sarswathi. S, Regan.R, â€œSecurity issues in virtualization environmentâ€, IEEE International Conference on Radar, Communication and Computing (ICRCC), 2012.
 Chunxiao Li, Raghunathan, A., Jha, N.K., â€œA Trusted Virtual Machine in an Untrusted Management Environmentâ€, IEEE Transactions on Services Computing, Volume: 5, Issue: 4, 2012.
 S. T. King, P. M. Chen, Y.-M. Wang, C. Verbowski, H. J. Wang and J.R. Lorch, â€œSubVirt: Implementing malware with virtual machines,â€ Proceedings of the IEEE Symposium on Security and Privacy, 2006. pp. 314-327.
 J. Rutkowska, â€œSubverting Vista Kernel for Fun and Profitâ€, Symposium on Security for Asia Network, SyScan and Black Hat Briefings, 2006.
 D.D.Zovi, â€œHardware Virtualization Rootkitsâ€, http://www.theta44.org /software/HVM_Rootkits_ddz_bh-usa-06.pdf.
 P. A. Tullmann, â€œThe Alta operating systemâ€, Master's thesis, University of Utah, Dec. 1999.
 Derek Bruening, Evelyn Duesterwald and Saman Amarasinghe, â€œDesign and implementation of a dynamic optimization framework for Windowsâ€, 4th ACM Workshop on Feedback-Directed and Dynamic Optimization (FDDO-4), December 2000.
 Intel Virtualization Technology: Hardware Support for efficient processor virtualization. URL: ftp://download.intel.com/technology/itj/2006/v10i3/v10 - i3- art01.pdf
 KVM White Paper. URL : http://www.qumranet.com/art_images/ files/8/KVM_Whitepaper.pdf
 James E. Smith, Ravi Nair, â€œThe Architecture of Virtual Machinesâ€, Computer, vol.38, no.5, pp. 32-38, May, 2005.
 Certification Report for Processor Resource/System Manager (PR/SM) for the IBM eServer zSeries 900, BSI-DSZ-CC-0179-2003, 27 February 2003, Bundesamt fur Sicherheit in der Information stechnik: Bonn, Germany. URL:http://www. commoncriteriaportal.org /public/files/epfiles/0179a.pdf
 Barham, P., Dragovic, B., Fraser, K., Hand, S. , Harris, T., Ho, A., Neugebauer, R., Pratt, I., and Warfield, A. 2003, â€œXen and the art of virtualizationâ€, Proceedings of the Nineteenth ACM Symposium on Operating Systems Principles, USA, October 19 - 22, 2003.
 R. Sailer, E. Valdez, T. Jaeger, R. Perez, L. van Doorn, J. L. Griffin, S. Berger, â€œsHype: Secure Hypervisor Approach to Trusted Virtualized Systemsâ€, IBM Research reports.
 J. Sugerman, G. Venkitachalam, and B-H. Lim, â€œVirtualizing I/O Devices on VMware Workstationâ€™s Hosted Virtual Machine Monitor,â€ Proc. General Track: Usenix Ann. Technical Conf. Usenix Assoc.2001, p.1-14.
 Emin Gun Sirer, â€œNexus: A New Operating System for Trustworthy Computingâ€, TRUST (Team for Research in Ubiquitous Secure Technology), Washington DC, January 2006.
 Simics. URL: http://www.virtutech.com
 Fabrice, B., â€œQEMU: A Fast and Portable Dynamic Translatorâ€, USENIX 2005 Annual Technical conference, FREENIX, pp. 41-46, 2005.
 Ken Owens, Securing Virtual Computer Infrastructure in the Cloud, SavvisCorp, 2009.
 Shea. R, Jiangchuan Liu, â€œPerformance of Virtual Machines under Networked Denial of Service Attacks: Experiments and Analysisâ€, IEEE Systems Journal, Volume 7, Issue 2, June 2013.
 C. Modi, D. Patel, B. Borisaniya, A. Patel, and M.Rajarajan, â€œA survey on security issues and solutions at different layers of Cloud computing,â€ The Journal of Supercomputing, Oct. 2012.
 J. Oberheide, E. Cooke, and F. Jahanian, â€œEmpirical exploitation of live virtual machine migrationâ€, Black Hat Security Conference, Washington, DC, February 2008.
 M. Ver, â€œDynamic load balancing based on live migration of virtual machines: Security threats and effectsâ€, Thesis report Rochester Institute of Technology, B. Thomas Golisano College of Computing and Information Sciences (GCCIS), Rochester, NY, U.S.A, 2011.
 S.V. Manikanthan , T. Padmapriya â€œAn enhanced distributed evolved node-b architecture in 5G tele-communications networkâ€ International Journal of Engineering & Technology (UAE), Vol 7 Issues No (2.8) (2018) 248-254.March2018.
 S.V.Manikanthan and D.Sugandhi â€œ Interference Alignment Techniques For Mimo Multicell Based On Relay Interference Broadcast Channel â€ International Journal of Emerging Technology in Computer Science & Electronics (IJETCSE) ISSN: 0976-1353 Volume- 7 ,Issue 1 â€“MARCH 2014.
 T. Padmapriya, V.Saminadan, â€œPerformance Improvement in long term Evolution-advanced network using multiple imput multiple output techniqueâ€, Journal of Advanced Research in Dynamical and Control Systems, Vol. 9, Sp-6, pp: 990-1010, 2017.
LicenseAuthors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under aÂ Creative Commons Attribution Licensethat allows others to share the work with an acknowledgement of the work''s authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal''s published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (SeeÂ The Effect of Open Access).