Abstract
The exponentially growing cloud technology equip organizations which they need to scale up their business without spending much on the IT infrastructure indeed. Services-based Cloud computing is a Leading-edge platform that allures the organization by its pervasiveness, elasticity, on-demand availability of the services, pays per usage model. All these features make the cloud an ideal environment for organizations and individuals. Virtualization is a key component of cloud computing that makes the virtual instances of cloud computing resources, including Network, Storage, Servers so that these instances could run on multiple machines at the same time to reduce the workload and the financial cost. The virtualization is implemented by using a special kind of software built on a large complex code is known as hypervisor or Virtual Machine Monitor (VMM). the hypervisor is responsible to control the overall functioning of the virtualized infrastructure including the virtual machines running on top of the virtualized layer by abstracting the host hardware. The vulnerabilities found in the hypervisor may be exploited by the cybercriminals resulting in taking full control of the environment. This study highlights the cyber-attack on virtualization and how the malicious actor can use virtualization, as an attack surface to aggravate the cloud services. This paper presents various vulnerabilities found in different hypervisors, gives an overview of various cyber-attacks on the virtualization platform. These attacks are further categorized as hypervisor-based and Virtual machine-based with explanation and pinpointing the solutions by mining the literature.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Ruan K, Carthy J, Kechadi T, Crosbie M (2011) Cloud forensics, pp 35–46. doi: https://doi.org/10.1007/978-3-642-24212-0_3
Mell P, Grance T (2011) The NIST definition of cloud computing recommendations of the national institute of standards and technology. Natl Inst Stand Technol Inf Technol Lab 145:7. https://doi.org/10.1136/emj.2010.096966
Khorshed T, Ali ABMS, Wasimi SA (2012) A survey on gaps, threat remediation challenges and some thoughts for proactive attack detection in cloud computing. Futur Gener Comput Syst 28(6):833–851. https://doi.org/10.1016/j.future.2012.01.006
Jain R. Virtualization security in data centers and clouds, pp 1–12
Malhotra L, Agarwal D, Jaiswal A (2014) Information technology & software engineering virtualization in cloud computing, vol 4, no 2, pp 2–4. https://doi.org/10.4172/2165-7866.1000136
Almutairy NM, Al-Shqeerat KHA, Al Hamad HA (2019) A taxonomy of virtualization security issues in cloud computing environments. Indian J Sci Technol 12(3):1–19. https://doi.org/10.17485/ijst/2019/v12i3/139557
Shukur H, Zeebaree S, Zebari R, Zeebaree D, Ahmed O, Salih A (2020) Cloud computing virtualization of resources allocation for distributed systems. J Appl Sci Technol Trends 1(3):98–105. https://doi.org/10.38094/jastt1331
Saleem M (2017) Cloud computing virtualization. Int J Comput Appl Technol Res 6(7):290–292. https://doi.org/10.7753/ijcatr0607.1004
Zhu G, Yin Y, Cai R, Li K(2017) Detecting virtualization specific vulnerabilities in cloud computing environment. In: IEEE international conference cloud computing CLOUD, vol 2017, June 2017, pp 743–748. https://doi.org/10.1109/CLOUD.2017.105
Tank D, Aggarwal A, Chaubey N (2019) Virtualization vulnerabilities, security issues, and solutions: a critical study and comparison. Int J Inf Technol. https://doi.org/10.1007/s41870-019-00294-x
Daneshkhah A, Hosseinian Far A, Carroll F, Montasari R, Macdonald S (2021) Network and hypervisor-based attacks in cloud computing environments. Int J Electron Secur Digit Forensics 1(1):1. https://doi.org/10.1504/ijesdf.2021.10036493
Aalam Z, Kumar V, Gour S (1950) A review paper on hypervisor and virtual machine security. J Phys Conf Ser 1:2021. https://doi.org/10.1088/1742-6596/1950/1/012027
Xiao J, Lu L, Huang H, Wang H (2018) Virtual machine extrospection: a reverse information retrieval in cloud. IEEE Trans Cloud Comput 9:401–403. https://doi.org/10.1109/TCC.2018.2855143
Kortchinsky K. Immunity, Inc. 05/26/10 1
Elhage N (2011) Virtunoid: breaking out of KVM KVM: architecture overview attack surface bypassing ASLR
Ren XY, Zhou YQ (2016) A review of virtual machine attack based on Xen. In: MATEC Web of Conferences, vol 61, p 03003. EDP Sciences
Narayana KE, Jayashree K (2020) Survey on cross virtual machine side channel attack detection and properties of cloud computing as sustainable material. Mater Today Proc 45:6465–6470. https://doi.org/10.1016/j.matpr.2020.11.283
Ahmad RW, Gani A, Hamid SHA, Shiraz M, Yousafzai A, Xia F (2015) A survey on virtual machine migration and server consolidation techniques for cloud data centers. J Netw Comput Appl 52:11–25. https://doi.org/10.1016/j.jnca.2015.02.002
Malhotra D (2018) A critical survey of virtual machine migration techniques in cloud computing. In: 2018 first international conference on secure cyber computing and communication (ICSCCC), pp 328–332. IEEE
Tohidirad Y, Abdezadeh S, Aliabadi ZS, Azizi A, Moradi M (2015) Virtual machine scheduling in cloud computing environment. Int J Manag Pub Sect Inf Commun Technol 6(4):1–6. https://doi.org/10.5121/ijmpict.2015.6401
Liu L, Qiu Z (2017) A survey on virtual machine scheduling in cloud computing. In: 2016 2nd IEEE International Conference Computing Communication, ICCC 2016—Proceedings, pp 2717–2721. https://doi.org/10.1109/CompComm.2016.7925192
Supreeth S, Patil KK (2019) Virtual machine scheduling strategies in cloud computing—a review. Int J Emerg Technol 10(3):181–188
Kumar V, Rathore RS (2018) Security issues with virtualization in cloud computing. In: Proceedings—2018 international conference on advances in computing, communication control and networking, ICACCCN 2018, pp 487–491. https://doi.org/10.1109/ICACCCN.2018.8748405
Cowan C, Wagle F, Pu C, Beattie S, Walpole J (2000). Buffer overflows: attacks and defenses for the vulnerability of the decade. In: Proceedings DARPA information survivability conference and exposition, DISCEX’00. IEEE, vol 2, pp 119–129
Sahu SK, Khare DRK (2020) DDOS attacks & mitigation techniques in cloud computing environments. Gedrag Organ Rev 33(2). https://doi.org/10.37896/gor33.02/246
Higgins KJ (2009) Hacking tool lets a vm break out and attack its host. Darkreading. [Online], 4. https://www.darkreading.com/risk/hacking-tool-lets-a-vm-break-out-and-attack-its-host
Dubrulle P, Sirdey R, Doré P, Aichouch M, Ohayon E (2015) Blind hypervision to protect virtual machine privacy against hypervisor escape vulnerabilities. In: Proceeding—2015 IEEE international conference on industrial informatics, INDIN 2015, pp 1394–1399. https://doi.org/10.1109/INDIN.2015.7281938
Wu J, Lei Z, Chen S, Shen W (2017) An access control model for preventing virtual machine escape attack. Futur Internet 9(2). https://doi.org/10.3390/fi9020020
Khan MA (2016) A survey of security issues for cloud computing. J Netw Comput Appl 71:11–29. https://doi.org/10.1016/j.jnca.2016.05.010
Liu F, Ge Q, Yarom Y, Mckeen F, Rozas C, Heiser G, Lee RB (2016) Catalyst: defeating last-level cache side channel attacks in cloud computing. In: 2016 IEEE international symposium on high performance computer architecture (HPCA), pp 406–418. IEEE
Maheswara Reddy Gali A, Koduganti VR (2021) Dynamic and scalable virtual machine placement algorithm for mitigating side channel attacks in cloud computing. Mater Today Proc. https://doi.org/10.1016/j.matpr.2020.12.1136
Zhang J, Zheng L, Gong L, Gu Z (2018) A survey on security of cloud environment: threats, solutions, and innovation. In: 2018 IEEE third international conference on data science in cyberspace, pp 910–916. https://doi.org/10.1109/DSC.2018.00145
Chi Y (2017) Design and implementation of cloud platform intrusion prevention system based on SDN, pp 847–852
Chandrakala N, Rao BT (2018) Migration of virtual machine to improve the security in cloud computing, vol 8, no 1, pp 210–219. https://doi.org/10.11591/ijece.v8i1.pp210-219
Mahfouz AM, Rahman L, Shiva SG. Secure live virtual machine migration through runtime monitors
Vateva-Gurova T, Suri N, Mendelson A (2015) The impact of hypervisor scheduling on compromising virtualized environments. In: Proceedings—15th IEEE International Conference on Computing Information Technology, CIT 2015, 14th IEEE International Conference Ubiquitous Computing Communication, IUCC 2015, IEEE international conference on automated software engineering, pp 1910–1917. https://doi.org/10.1109/CIT/IUCC/DASC/PICOM.2015.283
Modi C, Patel D, Borisaniya B, Patel H (2013) A survey of intrusion detection techniques in Cloud. J Netw Comput Appl 36(1):42–57. https://doi.org/10.1016/j.jnca.2012.05.003
Tadokoro H, Kourai K, Chiba S (2012) Preventing information leakage from virtual machines. Memory IaaS Clouds 7:1421–1431
Zhou F, Desnoyers P (2011) Scheduler vulnerabilities and coordinated attacks in cloud computing. https://doi.org/10.1109/NCA.2011.24
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Ali, S.A., Memon, S., Memon, N. (2023). Cloud Virtualization Attacks and Mitigation Techniques. In: Abd El-Latif, A.A., Maleh, Y., Mazurczyk, W., ELAffendi, M., I. Alkanhal, M. (eds) Advances in Cybersecurity, Cybercrimes, and Smart Emerging Technologies. CCSET 2022. Engineering Cyber-Physical Systems and Critical Infrastructures, vol 4. Springer, Cham. https://doi.org/10.1007/978-3-031-21101-0_12
Download citation
DOI: https://doi.org/10.1007/978-3-031-21101-0_12
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-21100-3
Online ISBN: 978-3-031-21101-0
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)