Virtual machine security challenges: case studies

Virtual machines (VMs) currently have many applications, and their use is growing constantly as hardware becomes more powerful and usage more regulated, allowing for scaling, monitoring, portability, security applications and many other uses. Many types of virtualization techniques can be employed at many levels, from a simple sandbox to full-fledged, streamlined managed access. While scaling, software lifecycles and diversity are just some of the security challenges faced by VM developers, failure to properly implement those mechanisms may lead to VM escape, host access, denial of service and more. Many exploits found in the last couple of years have been fixed in the latest versions, but some systems still run the affected versions and remain vulnerable, as presented, mostly to host-based attacks, and some have dramatic consequences.

Acknowledgments

My thanks and appreciation to the Deanship for Scientific Research at King Saud University, Riyadh, Saudi Arabia, for funding this research.

Author information

Authors and Affiliations

  1. Faculty of Computing, Universiti Teknologi Malaysia, Skudai, Malaysia: Amjad Rehman
  2. College of Computer and Information Science, Al-Imam M.Saud Islamic University, Riyadh, Kingdom of Saudi Arabia: Sultan Alqahtani
  3. College of Applied Studies and Community Services, King Saud University, Riyadh, Kingdom of Saudi Arabia: Ayman Altameem
  4. College of Engineering and Computer Sciences, Salman Abdul Aziz University, Alkharj, Kingdom of Saudi Arabia: Tanzila Saba