Abstract
Virtualization, the process of allowing efficient utilization of physical computer hardware, is the core of many new technologies. With this comes the importance of understanding the related security aspects to avoid the compromise of underlying resources and services. In this paper, we provide an overview on the two main virtualization architectures and the different types of virtualization approaches related to those architectures. We also review the literature for virtualization security requirements and security attacks. We highlight the latest security techniques proposed in the literature. Due to the growth of cloud computing in the industry, we also discuss virtualization security in the industry. As a result, we have found that the gap between academia and industry has become very small in this field, and more importance should be given to client and service provider responsibility awareness.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Yu FR, Liu J, He Y, Si P, Zhang Y (2018) Virtualization for distributed ledger technology (vdlt). IEEE Access 6:25019–25028
Sierra-Arriaga F, Branco R, Lee B (2020) Security issues and challenges for virtualization technologies. ACM Comput Surv 53(2):1–37
Kazim M, Masood R, Shibli MA, Abbasi AG (2013) Security aspects of virtualization in cloud computting. In: IFIP international conference on computer information systems and industrial management. Springer, pp 229–240
Szefer J, Keller E, Lee RB, Rexford J (2011) Eliminating the hypervisor attack surface for a more secure cloud. In: Proceedings of the 18th ACM conference on computer and communications security, pp 401–412
Szefer J, Lee RB (2011) A case for hardware protection of guest vms from compromised hypervisors in cloud computing. In: 2011 31st international conference on distributed computing systems workshops. IEEE, pp 248–252
Souppaya MP, Scarfone K, Hoffman P (2011) Guide to security for full virtualization technologies
Sabahi F (2012) Secure virtualization technology. Int J Comput Theory Eng 4(5):826
Gofman MI, Luo R, Yang P, Gopalan K (2011) Sparc: a security and privacy aware virtual machine check- pointing mechanism. In: Proceedings of the 10th annual ACM workshop on privacy in the electronic society, pp 115–124
Jin S, Ahn J, Cha S, Huh J (2011) Architectural support for secure virtualization under a vulnerable hypervisor. In: 2011 44th annual IEEE/ACM international symposium on microarchitecture (MICRO). IEEE, 272–283
Ibrahim AS, Hamlyn-Harris J, Grundy J (2016) Emerging security challenges of cloud virtual infrastructure, arXiv preprint arXiv:1612.09059
Compasti´e M, Badonnel R, Festor O, He R (2020) From virtualization security issues to cloud protection opportunities: an in-depth analysis of system virtualization models. Comput Secur 97:101905
Patil R, Modi C (2019) An exhaustive survey on security concerns and solutions at different components of virtualization. ACM Comput Surv (CSUR) 52(1):1–38
Reuben JS (2007) A survey on virtual machine security. Helsinki Univ Technol 2(36)
Chen L, Xian M, Liu J, Wang H (2020) Research on virtualization security in cloud computing. In: IOP conference series: materials science and engineering, vol 806(1). IOP Publishing, p 012027
Devi K, S G, R D (2018) Virtualization in cloud computing. IJARCCE 7(11):104–108
Wang Z, Jiang X (2010) Hypersafe: a lightweight approach to provide lifetime hypervisor control-flow integrity. In: 2010 IEEE symposium on security and privacy. IEEE, 380–395
Pelleg D, Ben-Yehuda M, Harper R, Spainhower L, Adeshiyan T (2008) Vigilant: out-of-band detection of failures in virtual machines. ACM SIGOPS Operati Syst Rev 42(1):26–31
Lombardi F, Di Pietro R (2011) Secure virtualization for cloud computing. J Netw Comput Appl 34(4):1113–1122
Wei J, Zhang X, Ammons G, Bala V, Ning P (2009) Managing security of virtual machine images in a cloud environment. In: Proceedings of the 2009 ACM workshop on Cloud computing security, pp 91–96
Zhou W, Ning P, Zhang X, Ammons G, Wang R, Bala V (2010) Always up-to-date: scalable offline patching of vm images in a compute cloud. In: Proceedings of the 26th annual computer security applications conference, pp 377–386
Tank DM, Aggarwal A, Chaubey NK (2021) Cyber security aspects of virtualization in cloud computing environments: analyzing virtualization-specific cyber security risks. In: Research anthology on privatizing and securing data. IGI Global, pp 1658–1671
Tank D, Aggarwal A, Chaubey N (2019) Virtualization vulnerabilities, security issues, and solutions: a critical study and comparison. Int J Inf Technol 1–16
“MITRE ATTCK®.” [Online]. Available: https://attack.mitre.org/
Elsadig Abdalla Abdalla M (2020) Virtualization security issues: security issues arise in the virtual environment
Cueva-Parra L, Sahinoglu M (2009) Security metrics on cloud computing using statistical simulation and Markov process. In: 12th SDPS transdisciplinary conference proceedings on integrated systems, design and process science, Montgomery, Alabama
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Al Zoubi, R., Mahfood, B., Abbas, S. (2022). Security Issues and Defenses in Virtualization. In: Ullah, A., Anwar, S., Rocha, Á., Gill, S. (eds) Proceedings of International Conference on Information Technology and Applications. Lecture Notes in Networks and Systems, vol 350. Springer, Singapore. https://doi.org/10.1007/978-981-16-7618-5_52
Download citation
DOI: https://doi.org/10.1007/978-981-16-7618-5_52
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-7617-8
Online ISBN: 978-981-16-7618-5
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)