Thoughts on hypervisor-based virtualization threats and vulnerabilities / Pensamentos sobre ameaças e vulnerabilidades de virtualização baseadas no hipervisor

Authors

  • João Vitor Assis Ribeiro

DOI:

https://doi.org/10.34117/bjdv8n4-460

Keywords:

virtualization, security, vulnerability assessment.

Abstract

As vulnerability and threat analysis play a vital role in software security in an ever-increasing digital world of virtualized computer and information systems, it is paramount that key security concepts are understood and that crucial security practices are applied in order to safeguard these types of assets. For that, this work attempts to provide an insight at vulnerabilities and threats related to the hypervisor model of virtualization while also fomenting a discussion about the security demands and challenges that this technology brings.

References

Chris Brenton (2011). The Basics of Virtualization Security.https://cloudsecurityalliance.org/wp-content/uploads/2011/11/virtualization-security.pdf

Popek GJ, Goldberg RP (1974). Formal requirements for virtualizable third generation architectures. Communications of the ACM. 1974 Jul 1;17(7):412-21.

Lo Jack (2005). VMware and CPU virtualization technology. World Wide Web electronic publication Journal.

VMWare (2008). Understanding Full Virtualization, Paravirtualization, and Hardware Assist. https://www.vmware.com/techpapers/2007/understanding-full-virtualization-paravirtualizat-1008.html

Naveed Alam (2008). Survey On Hypervisors. http://math.tntech.edu/rafal/cliff11/index.html

Nakajima, J., & Mallick, A. K. (2007). Hybrid-virtualization—enhanced virtualization for Linux. In Proceedings of the Linux Symposium (Vol. 2, pp. 87-96).

Smith, J., & Nair, R. (2005). Virtual machines: versatile platforms for systems and processes. Elsevier.

Craig, I. D. (2010). Virtual machines. Springer Science & Business Media.

Reuben, J. S. (2007). A survey on virtual machine security. Helsinki University of Technology, 2(36).

Enabling Intel® Virtualization Technology: Features and Benefits https://www.intel.com/content/dam/www/public/us/en/documents/whitepapers/virtualization-enabling-intel-virtualization-technology-features-and-benefits-paper.pdf

Brengel, M., Backes, M., & Rossow, C. (2016). Detecting hardware-assisted virtualization. In International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (pp. 207-227). Springer, Cham.

Garfinkel, T., Adams, K., Warfield, A., & Franklin, J. (2007, May). Compatibility Is Not Transparency: VMM Detection Myths and Realities. In HotOS.

Robin, J. S., & Irvine, C. E. (2000). Analysis of the Intel Pentium's ability to support a secure virtual machine monitor. In 9th USENIX Security Symposium (USENIX Security 00).

Aldeid.com (2017). X86-assembly/Instructions/sidthttps://www.aldeid.com/wiki/X86-assembly/Instructions/sidt

Intel (2021). Intel 64 and IA-32 Architectures Software Developer’s Manual.

https://software.intel.com/sites/default/files/managed/39/c5/325462-sdm-vol-1-2abcd-3abcd.pdf

VMWare (2019) Virtual Machine Features and Specifications. https://docs.vmware.com/en/VMware-WorkstationPro/16.0/com.vmware.ws.using.doc/GUID-723863F8-26BC-471B-B5FE-081ABDCAA4B2.html

Oracle Corporation (2022). Oracle VM VirtualBox User Manual. https://docs.oracle.com/en/virtualization/virtualbox/6.1/user/BasicConcepts.html

Dong, Y., Dai, J., Huang, Z., Guan, H., Tian, K., & Jiang, Y. (2009, May). Towards high-quality I/O virtualization. In Proceedings of SYSTOR 2009: The Israeli Experimental Systems Conference (pp. 1-8).

Intel (2008). PCI-SIG Single-Root I/O Virtualization (SR-IOV) Support in Intel Virtualization Technology for Connectivity.https://www.intel.com/content/dam/doc/white-paper/pci-sig-single-root-io-virtualization-support-in-virtualization-technology-for-connectivity-paper.pdf

Torrey (2014). "Intel’s Virtualization Extensions (VT-x) “So you want to build a hypervisor?”http://www.cs.dartmouth.edu/~sergey/cs108/2014/TorreyGuestLecture-Hypervors.pdf

Rutkowska, J., & Tereshkin, A. (2007). IsGameOver () anyone. Black Hat, USA.

Ferrie, P. (2007). Attacks on more virtual machine emulators. Symantec Technology Exchange, 55, 369.

Barham, P., Dragovic, B., Fraser, K., Hand, S., Harris, T., Ho, A., ... & Warfield, A. (2003). Xen and the art of virtualization. ACM SIGOPS operating systems review, 37(5), 164-177.

Whitaker, A., Shaw, M., & Gribble, S. D. (2002). Scale and performance in the Denali isolation kernel. In 5th Symposium on Operating Systems Design and Implementation (OSDI 02).

Amsden, Z., Arai, D., Hecht, D., Holler, A., & Subrahmanyam, P. (2006, July). VMI: An interface for paravirtualization. In Proc. of the Linux Symposium (pp. 363-378).

Bazargan, F., Yeun, C. Y., & Zemerly, M. J. (2012). State-of-the-art of virtualization, its security threats and deployment models. International Journal for Information Security Research (IJISR), 2(3/4), 335-343.

Telelink (2013). Hyperjacking. http://itsecurity.telelink.com/hyperjacking/

King, S. T., & Chen, P. M. (2006, May). SubVirt: Implementing malware with virtual machines. In 2006 IEEE Symposium on Security and Privacy (S&P'06) (pp. 14-pp). IEEE.

Zovi, D. A. D. (2006). Hardware virtualization rootkits. Black Hat 2006, August.

Ray, I., & Shenoi, S. (Eds.). (2008). Advances in digital forensics IV (Vol. 285). Springer Science & Business Media.

Lawson, N., Ferrie, P., & Ptacek, T. (2007). Don’t Tell Joanna. The Virtualized Rootkit Is Dead. Black Hat USA.

Shea, R., & Liu, J. (2012, June). Understanding the impact of denial of service attacks on virtual machines. In 2012 IEEE 20th International Workshop on Quality of Service (pp. 1-9). IEEE.

Childs, Dustin. (2017) Pwn2Own 2017 – Day Three Schedule and Results.https://blog.trendmicro.com/pwn2own-2017-day-three-schedule-results

VMWare (2017). Security Advisories - VMSA-2017-0018.1.https://www.vmware.com/security/advisories/VMSA-2017-0018.html

Abusaimeh, H. Virtual Machine Escape in Cloud Computing Services. Virtual Machine Escape in Cloud Computing Services 2020.https://www.blackhat.com/us-19/briefings/schedule/#exploiting-the-hyper-v-ide-emulator-to-escape-the-virtual-machine-15862

Adams, K., & Agesen, O. (2006). A comparison of software and hardware techniques for x86 virtualization. ACM Sigplan Notices, 41(11), 2-13.

Lisa Vaas (2021). VMware ESXi Servers Encrypted by Lightning-Fast Python Script

https://threatpost.com/vmware-esxi-encrypted-python-script-ransomware/175374/

Schneier, B. The Security Mindset (2008).https://www.schneier.com/blog/archives/2008/03/the_security_mi_1.html

Downloads

Published

2022-04-23

How to Cite

Ribeiro, J. V. A. (2022). Thoughts on hypervisor-based virtualization threats and vulnerabilities / Pensamentos sobre ameaças e vulnerabilidades de virtualização baseadas no hipervisor. Brazilian Journal of Development, 8(4), 29798–29818. https://doi.org/10.34117/bjdv8n4-460

Issue

Section

Original Papers