Thoughts on hypervisor-based virtualization threats and vulnerabilities / Pensamentos sobre ameaças e vulnerabilidades de virtualização baseadas no hipervisor
DOI:
https://doi.org/10.34117/bjdv8n4-460Keywords:
virtualization, security, vulnerability assessment.Abstract
As vulnerability and threat analysis play a vital role in software security in an ever-increasing digital world of virtualized computer and information systems, it is paramount that key security concepts are understood and that crucial security practices are applied in order to safeguard these types of assets. For that, this work attempts to provide an insight at vulnerabilities and threats related to the hypervisor model of virtualization while also fomenting a discussion about the security demands and challenges that this technology brings.
References
Chris Brenton (2011). The Basics of Virtualization Security.https://cloudsecurityalliance.org/wp-content/uploads/2011/11/virtualization-security.pdf
Popek GJ, Goldberg RP (1974). Formal requirements for virtualizable third generation architectures. Communications of the ACM. 1974 Jul 1;17(7):412-21.
Lo Jack (2005). VMware and CPU virtualization technology. World Wide Web electronic publication Journal.
VMWare (2008). Understanding Full Virtualization, Paravirtualization, and Hardware Assist. https://www.vmware.com/techpapers/2007/understanding-full-virtualization-paravirtualizat-1008.html
Naveed Alam (2008). Survey On Hypervisors. http://math.tntech.edu/rafal/cliff11/index.html
Nakajima, J., & Mallick, A. K. (2007). Hybrid-virtualization—enhanced virtualization for Linux. In Proceedings of the Linux Symposium (Vol. 2, pp. 87-96).
Smith, J., & Nair, R. (2005). Virtual machines: versatile platforms for systems and processes. Elsevier.
Craig, I. D. (2010). Virtual machines. Springer Science & Business Media.
Reuben, J. S. (2007). A survey on virtual machine security. Helsinki University of Technology, 2(36).
Enabling Intel® Virtualization Technology: Features and Benefits https://www.intel.com/content/dam/www/public/us/en/documents/whitepapers/virtualization-enabling-intel-virtualization-technology-features-and-benefits-paper.pdf
Brengel, M., Backes, M., & Rossow, C. (2016). Detecting hardware-assisted virtualization. In International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (pp. 207-227). Springer, Cham.
Garfinkel, T., Adams, K., Warfield, A., & Franklin, J. (2007, May). Compatibility Is Not Transparency: VMM Detection Myths and Realities. In HotOS.
Robin, J. S., & Irvine, C. E. (2000). Analysis of the Intel Pentium's ability to support a secure virtual machine monitor. In 9th USENIX Security Symposium (USENIX Security 00).
Aldeid.com (2017). X86-assembly/Instructions/sidthttps://www.aldeid.com/wiki/X86-assembly/Instructions/sidt
Intel (2021). Intel 64 and IA-32 Architectures Software Developer’s Manual.
https://software.intel.com/sites/default/files/managed/39/c5/325462-sdm-vol-1-2abcd-3abcd.pdf
VMWare (2019) Virtual Machine Features and Specifications. https://docs.vmware.com/en/VMware-WorkstationPro/16.0/com.vmware.ws.using.doc/GUID-723863F8-26BC-471B-B5FE-081ABDCAA4B2.html
Oracle Corporation (2022). Oracle VM VirtualBox User Manual. https://docs.oracle.com/en/virtualization/virtualbox/6.1/user/BasicConcepts.html
Dong, Y., Dai, J., Huang, Z., Guan, H., Tian, K., & Jiang, Y. (2009, May). Towards high-quality I/O virtualization. In Proceedings of SYSTOR 2009: The Israeli Experimental Systems Conference (pp. 1-8).
Intel (2008). PCI-SIG Single-Root I/O Virtualization (SR-IOV) Support in Intel Virtualization Technology for Connectivity.https://www.intel.com/content/dam/doc/white-paper/pci-sig-single-root-io-virtualization-support-in-virtualization-technology-for-connectivity-paper.pdf
Torrey (2014). "Intel’s Virtualization Extensions (VT-x) “So you want to build a hypervisor?”http://www.cs.dartmouth.edu/~sergey/cs108/2014/TorreyGuestLecture-Hypervors.pdf
Rutkowska, J., & Tereshkin, A. (2007). IsGameOver () anyone. Black Hat, USA.
Ferrie, P. (2007). Attacks on more virtual machine emulators. Symantec Technology Exchange, 55, 369.
Barham, P., Dragovic, B., Fraser, K., Hand, S., Harris, T., Ho, A., ... & Warfield, A. (2003). Xen and the art of virtualization. ACM SIGOPS operating systems review, 37(5), 164-177.
Whitaker, A., Shaw, M., & Gribble, S. D. (2002). Scale and performance in the Denali isolation kernel. In 5th Symposium on Operating Systems Design and Implementation (OSDI 02).
Amsden, Z., Arai, D., Hecht, D., Holler, A., & Subrahmanyam, P. (2006, July). VMI: An interface for paravirtualization. In Proc. of the Linux Symposium (pp. 363-378).
Bazargan, F., Yeun, C. Y., & Zemerly, M. J. (2012). State-of-the-art of virtualization, its security threats and deployment models. International Journal for Information Security Research (IJISR), 2(3/4), 335-343.
Telelink (2013). Hyperjacking. http://itsecurity.telelink.com/hyperjacking/
King, S. T., & Chen, P. M. (2006, May). SubVirt: Implementing malware with virtual machines. In 2006 IEEE Symposium on Security and Privacy (S&P'06) (pp. 14-pp). IEEE.
Zovi, D. A. D. (2006). Hardware virtualization rootkits. Black Hat 2006, August.
Ray, I., & Shenoi, S. (Eds.). (2008). Advances in digital forensics IV (Vol. 285). Springer Science & Business Media.
Lawson, N., Ferrie, P., & Ptacek, T. (2007). Don’t Tell Joanna. The Virtualized Rootkit Is Dead. Black Hat USA.
Shea, R., & Liu, J. (2012, June). Understanding the impact of denial of service attacks on virtual machines. In 2012 IEEE 20th International Workshop on Quality of Service (pp. 1-9). IEEE.
Childs, Dustin. (2017) Pwn2Own 2017 – Day Three Schedule and Results.https://blog.trendmicro.com/pwn2own-2017-day-three-schedule-results
VMWare (2017). Security Advisories - VMSA-2017-0018.1.https://www.vmware.com/security/advisories/VMSA-2017-0018.html
Abusaimeh, H. Virtual Machine Escape in Cloud Computing Services. Virtual Machine Escape in Cloud Computing Services 2020.https://www.blackhat.com/us-19/briefings/schedule/#exploiting-the-hyper-v-ide-emulator-to-escape-the-virtual-machine-15862
Adams, K., & Agesen, O. (2006). A comparison of software and hardware techniques for x86 virtualization. ACM Sigplan Notices, 41(11), 2-13.
Lisa Vaas (2021). VMware ESXi Servers Encrypted by Lightning-Fast Python Script
https://threatpost.com/vmware-esxi-encrypted-python-script-ransomware/175374/
Schneier, B. The Security Mindset (2008).https://www.schneier.com/blog/archives/2008/03/the_security_mi_1.html