Advanced Security Threats and Mitigation Techniques in Virtualized Environment

  • Authors

    • N. Ramakrishnan Vellore Institute of Technology, Chennai
    • Dr. Subbulakshmi.T Vellore Institute of Technology, Chennai
    2019-04-03
    https://doi.org/10.14419/ijet.v7i4.25161
  • Virtualization, Virtual Machines, Threats, Mitigation, Virtualization Security.
  • Abstract

    ‘Virtualization’ is not the new buzzword in IT field as it was introduced in 1960s by IBM while trying providing solution to accommodate multiple users over expensive computer resources with time shared solutions.This solution supported every technology and protocols of physical computer infrastructure. Even though it kept evolving over the years, the technology achieved its reach with the introduction of VMware workstation by VMware Company in year 1999.At present there are enough solutions available to virtualize our computer resources.However the rush seen in embracing this technology has not been justified when we consider the security issues attached to it. Virtualization by itself is considered erroneously as a security solution. In fact it increases the attack surface area, along with the more probability of successful execution of various cyber-attacks. This paper is intended to study in detail about the advanced threats and their mitigation techniques that are to be understood while operating in virtualized environment.

     

     

  • References

    1. [1] VMware, Inc, “Virtualization overview “[Online]: https://www.vmware.com/pdf/virtualization.pdf.

      [2] Scott Delap, “Virtualization Intro†[Online]: https://www.infoq.com/articles/virtualization-intro.

      [3] Dave Shackleford, “Virtualization Security: Protecting virtualized Environmentsâ€: Book published by Jhon Wiley & Sons. ISBN: 978-1-118-28812-2.

      [4] Ted Ritter, “Virtualization Security Achieving Compliance for the Virtual Infrastructure†Senior Research Analyst, Nemertes Research [Online] http://la.trendmicro.com/media/wp/virtualization-security-nemertes-whitepaper-en.pdf.

      [5] Muhammad Arif and Haroon Shakeel, “Virtualization security: Analysis and open challengesâ€, Faculty of Computer Science and Information Technology, University of Malaya 50603 Kuala Lumpur, Malaysia, Computer Science Department, Comsats Institute of Information and Technology Islamabad Pakistan, International Journal of Law and Information Technology February 2015.

      [6] Gabriel Cephas Obasuyi, Arif Sari, “Security Challenges of Virtualization Hypervisors in Virtualized Hardware Environmentâ€, Management Centre of the Mediterranean, Nicosia, Cyprus, Int. J. Communications, Network and System Sciences, 2015, 8, 260-273.

      [7] https://johncouzins.wordpress.com/2013/11/27/attacking-the-hypervisor/.

      [8] Jason Geffner, “VENOM†CrowdStrike Senior Security Researcher, [Online]: http://venom.crowdstrike.com.

      [9] Brian Donohue,“All you need to know about VENOM virtualization vulnerabilityâ€, [Online]: https://blog.kaspersky.com/venom-virtualization-vulnerability/8743/.

      [10] VMware, Inc, “VMware® vStorage Virtual Machine File System†[Online]: https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/techpaper/vmware-vmfs-tech-overview-white-paper.pdf.

      [11] Michael Principato, “Virtualization technology and Process Control System upgradesâ€, Heidelberg Technology Center - HeidelbergCement, Allentown/Leimen, Germany Technical Conference, 2010 IEEE-IAS/PCA 52nd https://doi.org/10.1109/CITCON.2010.5469770.

      [12] Satyam B.Vaghani “Virtual Machine File System†VMware, Inc [Online]: https://www.researchgate.net/publication/220623259_Virtual_machine_file_system.

      [13] VMware, Inc, VMFS, [Online:] https://www.vmware.com/support/ws55/doc/ws_learning_files_in_a_vm.html.

      [14] VMware, Inc, VMFS Best Practices, [Online:] http://www.vmware.com/pdf/vmfs-best-practices-wp.pdf.

      [15] Kaspersky, “Malware analysis:How some strains‘adapt’ to virtual Machines†[Online]: http://www.bitpipe.com/detail/RES/1477288811_51.html

      [16] Diego Perez-Botero, Jakub Szefer and Ruby B. Lee, "Characterizing Hypervisor Vulnerabilities in Cloud Computing Servers,"in Proceedings of the Workshop on Security in Cloud Computing (SCC), May 2013.

      [17] SUSE security updates [Online]: https://www.suse.com/security/cve/CVE-2008-3687/.

      [18] Understanding Memory Resource Management [online]: http://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/techpaper/perf-vsphere-memory_management.pdf.

      [19] Mikhail Gorobets & team, Attacking Hypervisor Via Firmware [Online] http://www.intelsecurity.com/advanced-threat-research/ content/ AttackingHypervisorViaFirmware_bhusa15_dc23.pdf.

      [20] Piotr Gaj, Mirosław Skrzewski, Jacek Stój, Jarosław Flak, “Virtualization as a way to PC based functionalities†https://doi.org/10.1109/TII.2014.2360499.

      [21] Te-Shun Chou, “Security Threats On Cloud Computing Vulnerabilitiesâ€, IJCSIT Vol 5, No 3, June 2013.

      [22] Arif Khan, “Virtual machine securityâ€, Int. J. Information and Computer Security, Vol. 9, Nos. 1/2, 2017.

      [23] Hagen Lauer, Nicolai Kuntze, “Hypervisor-based Attestation of Virtual Environments†IEE Journal : DOI 10.1109/UIC-ATC-ScalCom-CBDCom-IoP-SmartWorld.2016.125

      [24] Leonardo Richter Bays, Rodrigo Ruas Oliveira, Marinho PillaBarcellos, Luciano Paschoal Gaspary and Edmundo Roberto Mauro Madeira, “Virtualnetworksecurity:threats, countermeasures, and challengesâ€, Springer: Journal of Internet Services and Applications, DOI10.1186/s13174-014-0015-z

      [25] Di Lu, Jianfeng Ma, Cong Sun, Qixuan Wu, Zhaochang Sun, Ning Xi,â€Building a Secure Scheme for a Trusted Hardware Sharing Environmentâ€, IEE Journal : DOI 10.1109/ ACCESS.2017.2703124, IEEE Access, Vol. 14, No. 8, Aug 2015

  • Downloads

  • How to Cite

    Ramakrishnan, N., & Subbulakshmi.T, D. (2019). Advanced Security Threats and Mitigation Techniques in Virtualized Environment. International Journal of Engineering & Technology, 7(4), 5449-5455. https://doi.org/10.14419/ijet.v7i4.25161

    Received date: 2018-12-31

    Accepted date: 2019-01-30

    Published date: 2019-04-03