Skip to main content
SpringerLink
Log in

Cloud Virtualization Attacks and Mitigation Techniques

  • Conference paper
  • First Online:
Advances in Cybersecurity, Cybercrimes, and Smart Emerging Technologies (CCSET 2022)

Part of the book series: Engineering Cyber-Physical Systems and Critical Infrastructures ((ECPSCI,volume 4))

  • 368 Accesses

Abstract

The exponentially growing cloud technology equip organizations which they need to scale up their business without spending much on the IT infrastructure indeed. Services-based Cloud computing is a Leading-edge platform that allures the organization by its pervasiveness, elasticity, on-demand availability of the services, pays per usage model. All these features make the cloud an ideal environment for organizations and individuals. Virtualization is a key component of cloud computing that makes the virtual instances of cloud computing resources, including Network, Storage, Servers so that these instances could run on multiple machines at the same time to reduce the workload and the financial cost. The virtualization is implemented by using a special kind of software built on a large complex code is known as hypervisor or Virtual Machine Monitor (VMM). the hypervisor is responsible to control the overall functioning of the virtualized infrastructure including the virtual machines running on top of the virtualized layer by abstracting the host hardware. The vulnerabilities found in the hypervisor may be exploited by the cybercriminals resulting in taking full control of the environment. This study highlights the cyber-attack on virtualization and how the malicious actor can use virtualization, as an attack surface to aggravate the cloud services. This paper presents various vulnerabilities found in different hypervisors, gives an overview of various cyber-attacks on the virtualization platform. These attacks are further categorized as hypervisor-based and Virtual machine-based with explanation and pinpointing the solutions by mining the literature.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 219.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 279.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 279.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Ruan K, Carthy J, Kechadi T, Crosbie M (2011) Cloud forensics, pp 35–46. doi: https://doi.org/10.1007/978-3-642-24212-0_3

  2. Mell P, Grance T (2011) The NIST definition of cloud computing recommendations of the national institute of standards and technology. Natl Inst Stand Technol Inf Technol Lab 145:7. https://doi.org/10.1136/emj.2010.096966

    Article  Google Scholar 

  3. Khorshed T, Ali ABMS, Wasimi SA (2012) A survey on gaps, threat remediation challenges and some thoughts for proactive attack detection in cloud computing. Futur Gener Comput Syst 28(6):833–851. https://doi.org/10.1016/j.future.2012.01.006

    Article  Google Scholar 

  4. Jain R. Virtualization security in data centers and clouds, pp 1–12

    Google Scholar 

  5. Malhotra L, Agarwal D, Jaiswal A (2014) Information technology & software engineering virtualization in cloud computing, vol 4, no 2, pp 2–4. https://doi.org/10.4172/2165-7866.1000136

  6. Almutairy NM, Al-Shqeerat KHA, Al Hamad HA (2019) A taxonomy of virtualization security issues in cloud computing environments. Indian J Sci Technol 12(3):1–19. https://doi.org/10.17485/ijst/2019/v12i3/139557

  7. Shukur H, Zeebaree S, Zebari R, Zeebaree D, Ahmed O, Salih A (2020) Cloud computing virtualization of resources allocation for distributed systems. J Appl Sci Technol Trends 1(3):98–105. https://doi.org/10.38094/jastt1331

    Article  Google Scholar 

  8. Saleem M (2017) Cloud computing virtualization. Int J Comput Appl Technol Res 6(7):290–292. https://doi.org/10.7753/ijcatr0607.1004

    Article  Google Scholar 

  9. Zhu G, Yin Y, Cai R, Li K(2017) Detecting virtualization specific vulnerabilities in cloud computing environment. In: IEEE international conference cloud computing CLOUD, vol 2017, June 2017, pp 743–748. https://doi.org/10.1109/CLOUD.2017.105

  10. Tank D, Aggarwal A, Chaubey N (2019) Virtualization vulnerabilities, security issues, and solutions: a critical study and comparison. Int J Inf Technol. https://doi.org/10.1007/s41870-019-00294-x

    Article  Google Scholar 

  11. Daneshkhah A, Hosseinian Far A, Carroll F, Montasari R, Macdonald S (2021) Network and hypervisor-based attacks in cloud computing environments. Int J Electron Secur Digit Forensics 1(1):1. https://doi.org/10.1504/ijesdf.2021.10036493

  12. Aalam Z, Kumar V, Gour S (1950) A review paper on hypervisor and virtual machine security. J Phys Conf Ser 1:2021. https://doi.org/10.1088/1742-6596/1950/1/012027

    Article  Google Scholar 

  13. Xiao J, Lu L, Huang H, Wang H (2018) Virtual machine extrospection: a reverse information retrieval in cloud. IEEE Trans Cloud Comput 9:401–403. https://doi.org/10.1109/TCC.2018.2855143

  14. Kortchinsky K. Immunity, Inc. 05/26/10 1

    Google Scholar 

  15. Elhage N (2011) Virtunoid: breaking out of KVM KVM: architecture overview attack surface bypassing ASLR

    Google Scholar 

  16. Ren XY, Zhou YQ (2016) A review of virtual machine attack based on Xen. In: MATEC Web of Conferences, vol 61, p 03003. EDP Sciences

    Google Scholar 

  17. Narayana KE, Jayashree K (2020) Survey on cross virtual machine side channel attack detection and properties of cloud computing as sustainable material. Mater Today Proc 45:6465–6470. https://doi.org/10.1016/j.matpr.2020.11.283

    Article  Google Scholar 

  18. Ahmad RW, Gani A, Hamid SHA, Shiraz M, Yousafzai A, Xia F (2015) A survey on virtual machine migration and server consolidation techniques for cloud data centers. J Netw Comput Appl 52:11–25. https://doi.org/10.1016/j.jnca.2015.02.002

    Article  Google Scholar 

  19. Malhotra D (2018) A critical survey of virtual machine migration techniques in cloud computing. In: 2018 first international conference on secure cyber computing and communication (ICSCCC), pp 328–332. IEEE

    Google Scholar 

  20. Tohidirad Y, Abdezadeh S, Aliabadi ZS, Azizi A, Moradi M (2015) Virtual machine scheduling in cloud computing environment. Int J Manag Pub Sect Inf Commun Technol 6(4):1–6. https://doi.org/10.5121/ijmpict.2015.6401

  21. Liu L, Qiu Z (2017) A survey on virtual machine scheduling in cloud computing. In: 2016 2nd IEEE International Conference Computing Communication, ICCC 2016—Proceedings, pp 2717–2721. https://doi.org/10.1109/CompComm.2016.7925192

  22. Supreeth S, Patil KK (2019) Virtual machine scheduling strategies in cloud computing—a review. Int J Emerg Technol 10(3):181–188

    Google Scholar 

  23. Kumar V, Rathore RS (2018) Security issues with virtualization in cloud computing. In: Proceedings—2018 international conference on advances in computing, communication control and networking, ICACCCN 2018, pp 487–491. https://doi.org/10.1109/ICACCCN.2018.8748405

  24. Cowan C, Wagle F, Pu C, Beattie S, Walpole J (2000). Buffer overflows: attacks and defenses for the vulnerability of the decade. In: Proceedings DARPA information survivability conference and exposition, DISCEX’00. IEEE, vol 2, pp 119–129

    Google Scholar 

  25. Sahu SK, Khare DRK (2020) DDOS attacks & mitigation techniques in cloud computing environments. Gedrag Organ Rev 33(2). https://doi.org/10.37896/gor33.02/246

  26. Higgins KJ (2009) Hacking tool lets a vm break out and attack its host. Darkreading. [Online], 4. https://www.darkreading.com/risk/hacking-tool-lets-a-vm-break-out-and-attack-its-host

  27. Dubrulle P, Sirdey R, Doré P, Aichouch M, Ohayon E (2015) Blind hypervision to protect virtual machine privacy against hypervisor escape vulnerabilities. In: Proceeding—2015 IEEE international conference on industrial informatics, INDIN 2015, pp 1394–1399. https://doi.org/10.1109/INDIN.2015.7281938

  28. Wu J, Lei Z, Chen S, Shen W (2017) An access control model for preventing virtual machine escape attack. Futur Internet 9(2). https://doi.org/10.3390/fi9020020

  29. Khan MA (2016) A survey of security issues for cloud computing. J Netw Comput Appl 71:11–29. https://doi.org/10.1016/j.jnca.2016.05.010

    Article  Google Scholar 

  30. Liu F, Ge Q, Yarom Y, Mckeen F, Rozas C, Heiser G, Lee RB (2016) Catalyst: defeating last-level cache side channel attacks in cloud computing. In: 2016 IEEE international symposium on high performance computer architecture (HPCA), pp 406–418. IEEE

    Google Scholar 

  31. Maheswara Reddy Gali A, Koduganti VR (2021) Dynamic and scalable virtual machine placement algorithm for mitigating side channel attacks in cloud computing. Mater Today Proc. https://doi.org/10.1016/j.matpr.2020.12.1136

  32. Zhang J, Zheng L, Gong L, Gu Z (2018) A survey on security of cloud environment: threats, solutions, and innovation. In: 2018 IEEE third international conference on data science in cyberspace, pp 910–916. https://doi.org/10.1109/DSC.2018.00145

  33. Chi Y (2017) Design and implementation of cloud platform intrusion prevention system based on SDN, pp 847–852

    Google Scholar 

  34. Chandrakala N, Rao BT (2018) Migration of virtual machine to improve the security in cloud computing, vol 8, no 1, pp 210–219. https://doi.org/10.11591/ijece.v8i1.pp210-219

  35. Mahfouz AM, Rahman L, Shiva SG. Secure live virtual machine migration through runtime monitors

    Google Scholar 

  36. Vateva-Gurova T, Suri N, Mendelson A (2015) The impact of hypervisor scheduling on compromising virtualized environments. In: Proceedings—15th IEEE International Conference on Computing Information Technology, CIT 2015, 14th IEEE International Conference Ubiquitous Computing Communication, IUCC 2015, IEEE international conference on automated software engineering, pp 1910–1917. https://doi.org/10.1109/CIT/IUCC/DASC/PICOM.2015.283

  37. Modi C, Patel D, Borisaniya B, Patel H (2013) A survey of intrusion detection techniques in Cloud. J Netw Comput Appl 36(1):42–57. https://doi.org/10.1016/j.jnca.2012.05.003

    Article  Google Scholar 

  38. Tadokoro H, Kourai K, Chiba S (2012) Preventing information leakage from virtual machines. Memory IaaS Clouds 7:1421–1431

    Google Scholar 

  39. Zhou F, Desnoyers P (2011) Scheduler vulnerabilities and coordinated attacks in cloud computing. https://doi.org/10.1109/NCA.2011.24

Download references

Author information

Authors and Affiliations

  1. Faculty of Engineering and Technology, A. H. S. Bukhari Post Graduate Centre of ICT, University of Sindh, Jamshoro, Pakistan

    Syed Ahmed Ali, Shahzad Memon & Nisar Memon

Authors
  1. Syed Ahmed Ali
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Shahzad Memon
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Nisar Memon
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Syed Ahmed Ali .

Editor information

Editors and Affiliations

  1. Faculty of Science, Department of Mathematics and Computer Science, Menoufia University, Shebin El-Koom, Egypt

    Ahmed A. Abd El-Latif

  2. Sultan Moulay Slimane University, Khouribga, Morocco

    Yassine Maleh

  3. Institute of Computer Science, Warsaw University of Technology, Warsaw, Poland

    Wojciech Mazurczyk

  4. EIAS Data Science Lab, College of Computer and Information Sciences, Department of Computer Science, Prince Sultan University, Riyadh, Saudi Arabia

    Mohammed ELAffendi

  5. Prince Sultan University, Riyadh, Saudi Arabia

    Mohamed I. Alkanhal

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Ali, S.A., Memon, S., Memon, N. (2023). Cloud Virtualization Attacks and Mitigation Techniques. In: Abd El-Latif, A.A., Maleh, Y., Mazurczyk, W., ELAffendi, M., I. Alkanhal, M. (eds) Advances in Cybersecurity, Cybercrimes, and Smart Emerging Technologies. CCSET 2022. Engineering Cyber-Physical Systems and Critical Infrastructures, vol 4. Springer, Cham. https://doi.org/10.1007/978-3-031-21101-0_12

Download citation

Publish with us

Policies and ethics

Search

Navigation