Rui Filipe Pereira, Rui Miguel Silva & João Pedro Orvalho
Virtualization and Security Aspects: An Overview
Rui Filipe Pereira
Lab UbiNET – Computer Science Security and Cybercrime
Polytechnic Institute Of Beja
Beja, Portugal
Rui Miguel Silva
Lab UbiNET – Computer Science Security and Cybercrime
Polytechnic Institute Of Beja
Beja, Portugal
João Pedro Orvalho
Lab UbiNET – Computer Science Security and Cybercrime
Polytechnic Institute Of Beja
Beja, Portugal
rui.pereira@protonmail.ch
ruisilva@acm.org
mail@joaoorvalho.com
Abstract
Virtualization allows a single system to concurrently run multiple isolated virtual machines,
operating systems (OSes) or multiple instances of a single OS. It helps organizations to improve
operational efficiency, reduce costs, improve the use of hardware, and to allocate resources ondemand. Nevertheless, like most technologies, it has vulnerabilities and threats. Research about
security issues related to virtualization has been conducted for several years. However, there are
still open challenges related to security in virtualization. This paper looks into some of the
differences, issues, challenges, and risks caused by virtualization and aims to classify the various
virtualization approaches, along with their goals, advantages and drawbacks from a security
perspective. Such classification is expected to help in the identification of virtualization
technologies that might be applied in a virtualized infrastructure.
This work is intended to be an introduction to the security considerations, concerns, and
implications arising from use of virtualized systems.
Keywords: Virtualization, Cybersecurity, Hypervisor, Virtual Machine, Virtual Machine Monitor.
1. INTRODUCTION
Virtualization is a technology that uses a logical environment to overcome the physical limitations
of hardware. Due to its characteristics of encapsulation and isolation, virtualization is the basis for
cloud computing paradigm. It can be characterized as a complex technology with many facets
and numerous types of controls that can be implemented to protect virtual assets and their host’s
machines. It is an opportunity, but also a threat [1].
Some studies have shown that users who are planning to migrate to cloud computing are
considering security as one of the most important factors [2]. Past events have shown that
software vulnerabilities are unlikely to stop, and virtualization is also prone to these traditional
software vulnerabilities (e.g. buffer overflow vulnerability). Furthermore, the design,
implementation and deployment of virtualization technology has revealed new threats and
security issues that, although not specific to virtualization, take new forms in relation to it [3].
In [4], was showed how insecure virtual hosts may be, due to poor virtualization software designs
and code. Several efforts have been made to address virtualization software security issues
International Journal of Computer Science and Security (IJCSS), Volume (14) : Issue (5) : 2020
154
Rui Filipe Pereira, Rui Miguel Silva & João Pedro Orvalho
through the use of sandboxes [5], or by measuring the runtime integrity of virtualization software
components [6].
Current OSes provide an abstraction of processes to achieve resource sharing and isolation.
However, from a security perspective, an attacker who compromises a process may gain full
control over the system [7]. This makes the security systems that are running on the same
system, such as anti-virus programs and intrusion detection systems, also vulnerable to attacks.
In response to the imperfect isolation among processes, virtualization can be used to ensure the
confidentiality and integrity of information. Secure isolation is one of the most important concepts
of virtualization [4]. Managing the security of a physical machine can usually be seen as familiar,
using well-known procedures as this has been done for many years. However, with virtualization
on a single physical machine can be multiple OSes, multiple network interfaces and hundreds of
applications or services, making the technological infrastructure increasingly complex and
heterogeneous.
Virtualization does not mean security or replacement of security. In fact, virtualization brings a
more complex and risky security environment to manage [8].
This is an evolving technology that adds more complexity to the already difficult path to
compliance due to the strict requirements of standards and regulations [9]. With virtualization,
virtual servers commonly have multiple functions, such as databases and web servers, running
on a single physical server. However, according to the section 2.2.1 of Payment Card Industry
Security Standards Council (PCI DSS), a server should perform only one primary function per
server, which goes against the goal of virtualization technology (to promote the consolidation of
multiple services on a single server) [10].
Virtualization presents a challenging topic that combines different software and/or hardwarebased technologies to create an abstraction layer.
The distinct types of virtualization technologies, and security implications on virtualized
infrastructures will be presented throughout this paper as well as a detailed analysis of attack
strategies that can be used against virtualization infrastructures. Plus, a set of general
recommendations is provided to achieve safer virtualized implementations.
This study aims to classify various virtualization approaches, goals, advantages and drawbacks
from a security perspective. The work also present attack vectors, security risks in virtualized
infrastructures, and various possible threats associated with virtualized environments. It is also
proposed a set of general recommendations to achieve safer virtualized implementations.
In this paper, an extensive literature search has been conducted. The literature is retrieved from
well-known sources such as leading journals and additional literature is found by tracing back the
cited papers and forward towards conferences papers. Literature from other sources was also
included, such as datasheets from virtualization product vendors such as VMware. Major
publications from the literature have been grouped and studied, as it allows the analysis and
discussion of multiple aspects of virtualization and security concerns.
The remainder of this paper is organized as follows. The next section discusses virtualization
components, Section 3 addresses the classification of virtualization technologies, Section 4
clarifies security terms and definitions, Section 5 mentions attack vectors and security threats in
virtualized infrastructures, and in the Section 6 several attacks and security risks in virtualization
infrastructures are mentioned. Finally, Section 7 mentions security considerations and Section 8
presents the conclusion.
International Journal of Computer Science and Security (IJCSS), Volume (14) : Issue (5) : 2020
155
Rui Filipe Pereira, Rui Miguel Silva & João Pedro Orvalho
2. VIRTUALIZATION COMPONENTS
In this section are described components related to virtualization.
2.1 Hypervisor
Also known as Virtual Machine Monitor (VMM) [11]–[16], it is the main component of a
virtualization system and keeps track of activities carried out by virtual machines (i.e., it manages
VM applications), forwards hardware requests to physical resources, provides replicated
platforms, and supports resource sharing among different virtual machines.
It provides an abstraction layer to virtualized systems, thus emulating hardware devices for each
virtual machine and making virtual communications available between VMs and physical
resources, acting as a mediator between virtual machines and the underlying physical devices.
There are two types of hypervisors, namely: bare-metal and hosted [17], [18]:
Type 1 (bare-metal): also known as native. Hypervisor runs directly on the system
hardware (e.g. Vmware ESXi, Xen);
Type 2 (hosted): hypervisor runs, as an application, on a host OS that provides
virtualization services (e.g. Oracle VM VirtualBox, VMware Workstation).
Hypervisors of type 1 are mainly OS that boot with the system and are used as virtualization
servers. The security of a virtualization system is based on the security capabilities of the VMM.
Based on the architecture, the type 1 can be classified in two models, microkernel and monolithic:
Monolithic: device drivers are included in the hypervisor core, providing a better
performance as communications between hardware and software dot not require any
intermediate. However, as a consequence, the hypervisor requires more lines of code,
increasing the attack surface;
Microkernel: device drivers are installed on the OS of the guest machine, reducing the
footprint of VMM. Moreover, communication between software and hardware is mediated
by the VMM, leading to a better security but a worse performance.
In type 2, the host's OS is responsible for managing and providing the I/O of the virtual machines,
adding another layer of abstraction [17], [18].
From a security perspective, there is a strong divergence between type 1 and type 2 hypervisors,
because the attack surface is considerably larger in the type 2 hypervisors since the OS where
the hypervisor is installed is a whole surface that can be attacked.
A VMM is responsible for performing two essential tasks: enforcing isolation between VMs and
managing the underlying hardware resources.
All interactions between VMs and hardware must go through the VMM. Any hosted VM must be
prevented from accessing parts of the memory that belong to another VM, similarly, that a
potential failure in a VM should not interfere with the normal behavior of other VMs. To provide
isolation and minimize the consequences of errors in the software, VMM uses the Memory
Management Unit (MMU) as well as other hardware units.
The hypervisor should manage CPU load balancing, map physical addresses to logical memory
addresses, migrate VMs between physical systems and so forth, while protecting the integrity of
each VM and protecting the stability of the entire system [19].
Hypervisors should be as minimal and light as possible to achieve efficiency and "optimal"
security. Hypervisors are considered more secure than OSes in general [20].
International Journal of Computer Science and Security (IJCSS), Volume (14) : Issue (5) : 2020
156
Rui Filipe Pereira, Rui Miguel Silva & João Pedro Orvalho
2.2 Guest Machine
Also known as virtual machine, it instantiates the virtualized (encapsulated) system composed by
the OS and applications, using the hardware abstraction provided by the VMM. Guest machines
are isolated by the hypervisor, which controls their activities, and behave as if they were in a
single execution environment with their own dedicated resources. Each guest machine can install
a different OS to support virtualization heterogeneity [17].
2.3 Host Machine
Host machine is the real physical machine and its OS (host OS) that hosts the virtualized
environment. The host OS directly manages the underlying physical hardware, the virtualized
environment, and is where the hypervisor is operated. Sometimes the term "host OS" also refers
to the privileged VMs, which, in specific virtualization approaches, support the operation of the
virtual machines (e.g., providing a set of drivers to facilitate access to the underlying physical
hardware) [17].
2.4 Management Server
It is the virtualization platform composed of a set of components for directly managing the virtual
machines, consolidating services, allocating resources, migrating virtual machines, assuring high
availability, among others [17].
2.5 Management Console
It is the component that provides access to a management interface to the virtualization system
for configuring and managing virtual machines. Virtual machines can thus be added, modified,
deleted or configured. It can be provided as a standalone client or via a web interface to visually
handle management server functionalities.
Examples of management consoles include VMware vSphere client console and the VMware
vSphere web client [17].
2.6 Network Components
They facilitate the development of virtual networks, where virtual network devices (e.g., switches,
routers) are completely controlled through software and the network protocols and hardware are
simulated. Virtual machines can be connected in the same way as physical machines and built on
host-machine physical network infrastructure to connect to the public network [17].
2.7 Virtualized Storage
It provides all the components for abstracting physical storage in a single storage device which
can be accessed either over the network or through a direct connection. Storage virtualization
introduces additional management overhead, since stored data can be only logically partitioned in
different storage locations while belonging to the same shared storage.
Storage virtualization can address many types of physical storage technologies, including direct
attached storage (DAS), storage area network (SAN), and network attached storage (NAS).
Examples of these devices include RAID arrays hosted inside a server computer (DAS), storage
devices collecting all datacenter data such as EMC VNX7500 (SAN), and a simple storage
component that offers network file-level access through a wide variety of application protocols
such as CIFS or NFS [17].
3. CLASSIFICATION OF VIRTUALIZATION TECHNOLOGIES
Virtualization technologies are classified according to their degree of hardware emulation and
virtualization level. It is possible to distinguish between approaches that provide full hardware
emulation and approaches that provide hardware virtualization (or OS virtualization or partial
hardware emulation).
International Journal of Computer Science and Security (IJCSS), Volume (14) : Issue (5) : 2020
157
Rui Filipe Pereira, Rui Miguel Silva & João Pedro Orvalho
Besides system-level virtualization (hardware emulation, full virtualization, paravirtualization,
hardware-assisted virtualization) where virtualization is at the granularity of a virtual machine
executing a complete system, it is also described in this section two further classes, namely OSlevel virtualization and application-level virtualization.
Table 1 summarizes the comparison of virtualization types in Hypervisors.
Full
Hardware
Virtualization
Assisted
with Binary Virtualization
Translation
Root mode in
privileged
instructions
OS Assisted
Virtualization/
Paravirtualization
Technique
Direct
Translation and
Execution
Hypercalls
Modification of
the Guest OS
and
Compatibility
It is not
necessary to
modify the
Guest OS;
Excellent
Compatibility
Performance
Good
Fair
Better in some conditions
Used by
VMware,
Microsoft,
Parallels
VMware,
Microsoft,
Parallels, Xen
VMware, Xen
It is not
Guest OS is modified for
necessary to
Hypercalls, so it does not
modify the Guest run on Native Hardware or
OS; Excellent
another Hypervisor; Poor
Compatibility
Compatibility; Not available
on Windows systems
TABLE 1: Comparison of virtualization types in Hypervisors.
3.1 Full Virtualization with Binary Translation
Full virtualization supports virtualization of x86 systems by simulating the underlying hardware.
The hardware is simulated in software by each virtual machine.
Full virtualization can be based on a mix of binary translation of kernel code and direct execution
of user-level code.
The guest OS runs unmodified with no need for hardware or OS support. With binary translation
the OS does not need to be aware that virtualization software runs on the system. The underlying
hardware and the guest OS are fully abstracted and separated, and within them lies the
virtualization layer provided by the VMM.
Binary translation transforms and caches the kernel code that needs to be executed by the guest
OS. Full virtualization provides a solution with highest isolation and security, while it decreases
performance and adds more overhead as instructions are translated in real time [17], [19], [21].
International Journal of Computer Science and Security (IJCSS), Volume (14) : Issue (5) : 2020
158
Rui Filipe Pereira, Rui Miguel Silva & João Pedro Orvalho
Figure 1 illustrates this approach.
FIGURE 1: Binary translation approach to x86 virtualization [22].
The hypervisor, in ring 0, is responsible for capturing privileged instructions that could not be
virtualized, translating them and replacing them with new instructions that have an effect on
virtual hardware.
The fact that the OS does not need to know that it is being executed by the complete
virtualization technique with binary translation is an advantage as several kernels of OSes cannot
be modified.
3.2 OS Assisted Virtualization or Paravirtualization
It is a technique that modifies the kernel of the hosted OS, not requiring binary translation.
VMM has built-in software that presents an appropriate interface for hosted virtual systems, such
as drivers to interact directly with the hardware.
It provides a lightweight virtualization technique where the hypervisor exposes hypercalls that can
be directly called by a modified guest OS to simulate privileged instructions that are difficult to
virtualize. The hypercalls implement a virtualized version of system calls and invoke the
hypervisor’s services. They can be called by a modified guest OS through known APIs.
Paravirtualization provides better performance and lower overhead than full virtualization as it
does not require emulation of system resources. The performance of paravirtualization over full
virtualization with binary translation is significantly better in several configurations, and for some
workloads it is close to native [17], [19], [23]–[26]. However, due to the prices associated with
modifying proprietary software, it is normal to see only modified open source guest OSes.
3.3 Hardware-assisted Virtualization
Although paravirtualization increases the performance, it cannot be as great as native
virtualization, since it involves the mediation of the driver interface to allow interaction between
virtual machines and hardware.
Hardware vendors are rapidly embracing virtualization and developing new features to simplify
virtualization techniques. First generation enhancements include Intel Virtualization Technology
(VT-x) and AMD-V, and both target privileged instructions with a new CPU execution mode
feature that allows the VMM to run in a new root mode below ring 0.
As shown in Figure 2, privileged and sensitive calls directly trap the hypervisor, requiring neither
binary translation nor paravirtualization.
International Journal of Computer Science and Security (IJCSS), Volume (14) : Issue (5) : 2020
159
Rui Filipe Pereira, Rui Miguel Silva & João Pedro Orvalho
The guest state is stored in Virtual Machine Control Structures (VT-x) or Virtual Machine Control
Blocks (AMD-V). Processors with Intel VT and AMD-V became available in 2006, so only some
systems contain these hardware assist features [27].
A new CPU state was introduced, orthogonal to privilege rings 0-3, called root mode on Intel
chips and guest mode on AMD chips. This state is accessed whenever the hypervisor needs to
take the control over a virtual machine. The guest OS can run in ring 0 but not in root mode.
Furthermore, the handling of I/O memory virtualization allows to prevent Direct Memory Access
(DMA) requests issued from a virtual machine to tamper with unauthorized zones of the host
memory.
FIGURE 2: Hardware-assisted approach to x86 virtualization [22].
3.4 Full Hardware Emulation
It allows executing an unmodified system (guest OS) in a different host architecture.
Emulation, such as full virtualization, is compatible with unmodified OSes. However, in that case,
the resources seen by the guest OS are completely simulated by software. This allows to execute
an OS compiled on a different architecture from the architecture of the host.
Examples of solutions that support full hardware emulation include Bochs, QEMU and VirtualPC
[5].
3.5 Operating-system-level Virtualization
It is based on an OS that supports multiple instances of isolated user-space, called containers.
Each container can target a single application and install only the required software and libraries
to run an application.
The host machine’s hardware resources are partitioned among different guest machines. The
host OS deploys many instances of guest OSes, with a lightweight execution of the OS or
application.
Resources are assigned to containers that represent a set of processes, files, and partitions. This
approach provides high performance, low overhead, and allows the execution of the same OS as
the host machine. Examples of solutions supporting OS-level virtualization include Docker,
Virtuozzo, OpenVZ, and Solaris Containers.
International Journal of Computer Science and Security (IJCSS), Volume (14) : Issue (5) : 2020
160
Rui Filipe Pereira, Rui Miguel Silva & João Pedro Orvalho
3.6 Application-level Virtualization
This approach increases programs’ portability among different software-hardware architectures. It
is based on various components, including: a portable language, a compiler between source code
and an architecture-independent representation (bytecode), a bytecode interpreter, and an
execution environment that translates bytecode into low-level operations on the host machine.
Examples of solutions supporting application-level virtualization include Java VM, Microsoft .NET,
Perl, Python, and Ruby [5], [17].
4. CLARIFICATION OF SECURITY TERMS AND DEFINITIONS
In this section it is provided an overview of several security terms and definitions as it is
necessary to clarify the terminology adopted, namely:
Threat: any circumstance or event with the potential to adversely impact an asset
through unauthorized access, destruction, disclosure, modification of data or denial of
service (DOS);
Threat agent: someone or something with some capacity, a clear intention to manifest a
threat, and a record of past activities in this regard;
Weakness: a type of mistake in software, in operations and in the infrastructure, that, in
the right conditions, could contribute to introducing vulnerabilities. This term applies to
mistakes in software, regardless of whether they occur in implementation, design or other
phases of the software-development life cycle;
Vulnerability: an occurrence of a weakness (or multiple weaknesses) in software,
operations or infrastructure, in which the weakness can be used to perform actions that
were not specifically granted to who takes advantage of the weakness. So, vulnerability
must always be described in terms of resistance to a certain type of attack [28];
Impact: the effect of an event, incident or occurrence. In cybersecurity, this means the
effect of a loss of confidentiality, integrity or availability of information on an organization’s
operations, an organization’s assets, individuals, other organizations or national interests.
The potential impact (severity impact) of weaknesses and vulnerabilities on organizations
can be measured in qualitative terms as low, moderate, and high;
Risk: a function of the likelihood of a given threat source exercising a potential
vulnerability, as well as the resulting impact of that adverse event on an organization.
Risk can be given by: Risk = Probability · Impact.
5. ATTACK VECTORS
INFRASTRUCTURES
AND
SECURITY
ISSUES
IN
VIRTUALIZED
In this section is mentioned common weakness in virtualized environments. It is presented the
weaknesses in general and we will detail them in the virtualized infrastructure based on the
Common Weakness Enumeration (CWE) maintained by MITRE.
5.1 Injection
This weakness is based on the lack of verification of user-controlled input, or improper accessing
data without proper authorization.
In virtualized environments, injection issues still exist on interaction-specific virtualization. They
are often not well-tackled since the users involved frequently have administration-level
permissions. A specific type of injection is VM image/VM template injection.
Among the related CWE are: Injection (CWE-74), Code injection (CWE-94), OS command
injection (CWE-78), SQL command injection (CWE-89), CRLF injection (CWE-93), and
Externally-controlled format string (CWE-134) [9], [17].
5.2 Improper Authentication
Authentication is a part of the security model Authentication, Authorization and Accounting (AAA).
International Journal of Computer Science and Security (IJCSS), Volume (14) : Issue (5) : 2020
161
Rui Filipe Pereira, Rui Miguel Silva & João Pedro Orvalho
It is a process by which the system or application validates supplied credentials and assigns
appropriate privileges. When an actor claims to have a given identity, and the software does not
prove or insufficiently proves that the claim is correct this can lead to the exposure of resources
or functionalities to unintended actors. This is caused by incorrectly designed or implemented
authentication mechanisms.
In virtualized environments, authentication applies both to end users and to system components.
Examples of these weaknesses include the use of inappropriate credential types or verification
mechanisms, such as using password-based authentication instead of certificates in highly
volatile and dynamic environments or using weak registration mechanisms or bugs in the
authentication processes.
Among the related CWE are: Improper Access Control (CWE-284), Improper authentication
(CWE-287) Improper authorization (CWE-285), Incorrect user management (CWE-286),
Placement of user into incorrect group (CWE-842), and Improper restriction of the communication
channel between the endpoints (CWE-923) [10], [17], [29].
5.3 Management of Credentials
One authentication mechanism is only as strong as how its credentials are managed. Due to this
reason, it is important to require users to have strong passwords, and to enforce password
strength.
The lack of password complexity significantly reduces the search space when trying to guess
user's passwords, making brute-force attacks easier.
This weakness also refers to insufficiently protected credentials, both at storage and in transit
(i.e., plaintext storage or unprotected transport).
Virtualized environments exacerbate this weakness group because they share unprotected
transportation channels, incrementing the number of actors that may be able to sniff credentials.
In virtualized environments, this may affect multiple levels of the virtualization stack.
Among the related CWE are: Credentials Management (CWE-255), Weak cryptography (CWE261), Weak password recovery mechanism for forgotten password (CWE-640), Insufficiently
protected credentials (CWE-522), and Hard-coded credentials (CWE-798) [17], [30].
5.4 Permissions and Privileges Management
Weaknesses in this category are related to the management of permissions, privileges, and other
security features that are used to perform access control. Specifically, it includes issues caused
by the execution without the required or incorrect privilege assignment, errors in increasing or
diminishing privileges, and insecure or preserved inherited permissions.
In virtualized environments, this weakness is emphasized by the complexity of the privileges and
multiplicity of administrative layers needed for a virtualized environment, especially considering its
dynamics, and scenarios where migrations and federations are in place.
Among the related CWE are: Permissions, Privileges and Access Control (CWE-264), Privilege
and sandbox Issues (CWE-265), and Permission issues (CWE-275) [17], [31].
5.5 Cryptographic Issues
This kind of weakness is related in particularly to cryptographic errors caused by poor design or
poor implementation of the cryptographic solution, or weaknesses in cryptographic protocols by
missing or weak encryption of sensitive data during storage or transmission, allowing man-in-themiddle (MITM) attacks.
International Journal of Computer Science and Security (IJCSS), Volume (14) : Issue (5) : 2020
162
Rui Filipe Pereira, Rui Miguel Silva & João Pedro Orvalho
Other example can be plaintext storage or transmission of sensitive information, keymanagement errors such as key exchange without entity authentication and lacking or weak
verification of expired keys.
Virtualized environments exacerbate cryptographic issues by sharing of channels or resources.
MITM attacks become highly critical in virtualized environments, where messages from different
users may share the same channel or infrastructure facilities.
Among the related CWE are: Cryptographic Issues (CWE-310), Key management errors (CWE320), Missing encryption of sensitive data (CWE-311), and Missing required cryptographic step
(CWE-325) [17], [32]–[34].
5.6 Data Handling
Weaknesses in this category are typically found in the functionality that processes data. It is a
broad category as it includes string and type errors, generic representation errors such as
improper handling of syntactically invalid structure, and numeric errors (e.g., wrap-around error or
incorrect conversion between numeric types).
In virtualized environments, this also involves data-remanence issues, which are typical of
virtualization and exacerbated by shared storage or memory resources.
Among the related CWE are: Data handling (CWE-19), Representation errors (CWE-137), and
Numeric errors (CWE-189) [17], [35], [36].
5.7 Information Management Errors
This refers to weaknesses that involve improper handling of sensitive information. It specifically
includes information exposure or information leak in intentional or unintentional way to an
unauthorized actor.
In virtualized environments, attacks that exploit this weakness are more critical than in physical
environments. In addition, the distribution and replication mechanisms that belong to such
environments facilitate data-mining attacks. Finally, covert channels that exploit physical CPU
architecture become more critical due to CPU and memory sharing, which permits extraction of
information about processes or networking traffic that belong to other users.
Among the related CWE are: Information management errors (CWE-199) and Information
Exposure (CWE-200) [17], [18], [37].
5.8 Improper Input Validation
When software does not validate input properly, an attacker is able to craft the input in a form that
is not expected by the rest of the application. This will lead to parts of the system receiving
unintended input, which may result in altered control flow, arbitrary control of a resource, or
arbitrary code execution. This refers to pathname traversal and similar issues, including improper
link resolution before file access (link following). It also includes memory-buffer weakness such as
classic buffer overflow and out-of-bound read or write issues.
In virtualized environments, the stratification of interacting software components increases the
impact of this weakness, and verification becomes difficult due to the complexity of the
interactions at component levels. In addition, referring strictly to user interaction, this weakness
shares the same issues as the injection-weakness group.
Among the related CWE are: Improper Input Validation (CWE-20), Path traversal (CWE-22), Link
Following (CWE-59), Memory buffer (CWE-119) [17], [38], [39].
5.9 Insufficient Verification of Data Authenticity
This class of weaknesses is a result of trust issues between data exchange parties.
International Journal of Computer Science and Security (IJCSS), Volume (14) : Issue (5) : 2020
163
Rui Filipe Pereira, Rui Miguel Silva & João Pedro Orvalho
If an application fails to verify data origin or its authenticity, an attacker might be able to perform
spoofing attacks against a vulnerable application or its clients.
Lack of data authenticity verification may arise in a variety of situations and most likely to be
introduced at design and implementation stages of application development process.
It can include improper verification of cryptographic signature, missing or improper validation of
integrity check and Cross-Site Request Forgery (CSRF).
Virtualization supports technology such as Intel-VT, secure crypto-processors, and Trust
Computing (TC/TPM), which provide fundamental virtualization features but also open a set of
virtualization-technology-specific weaknesses (e.g., hypervisor blue-pilling rootkit in nested
virtualization or misbehavior in authenticity-verification during boot). Weaknesses in the
cryptographic-issues group may also underlie insufficient verification of data origin and
authenticity.
Among the related CWE are: Insufficient Verification of Data Authenticity (CWE-345), Cross-Site
Request Forgery (CWE-352), and Improper verification of cryptographic signature (CWE-347)
[40], [41].
5.10 Improper Certificate Validation
When a certificate is invalid or malicious, it might allow an attacker to spoof a trusted entity by
using a MITM attack.
A software might connect to a malicious host while believing it is a trusted host, or a software
might be deceived into accepting spoofed data that appears to originate from a trusted host [42].
Therefore, this weakness is related to improper validation with host mismatch, certificate
expiration, revocation or missing validation. It also includes weaknesses related to improper
following of certificate’s chain of trust.
In virtualized environments, this weakness is exacerbated by the fact that the confidentiality and
integrity of (both internal and external) communication between virtualization components when is
based on certificates, while certificate protection is at stake due to sharing and the multitenant
nature of the virtualization infrastructure. Improper certificate validation can then result in
unprecedented consequences and impacts.
Among the related CWE are: Improper Certificate Validation (CWE-295), Certificate expiration
(CWE-298), Check on revocation (CWE-299), and Missing validation (CWE-599) [17].
5.11 Use of Insufficiently Random Values
This type of weaknesses involves generating predictable values in a context that requires
unpredictability.
It is related to insufficient entropy in pseudo-random number generators (PRNGs), predictability
problems, and the use of cryptographically weak PRNGs.
In virtualized environments, this weakness is exacerbated by the virtualization of hardware
devices. For instance, achieving sufficient entropy is even more difficult since the virtualized
environment reduces the quality of the source of entropy commonly adopted by PRNG
algorithms.
A related CWE is Insufficiently Random Values (CWE-330).
5.12 Resource Management Errors
This type of weaknesses involves improperly managing system resources, possibly leading to
resource exhaustion.
International Journal of Computer Science and Security (IJCSS), Volume (14) : Issue (5) : 2020
164
Rui Filipe Pereira, Rui Miguel Silva & João Pedro Orvalho
It also refers to weaknesses stemming from improper resource shutdown or release, double free
call that leads to modifying unexpected memory locations, and many other memory-management
weaknesses, such as the improper release of memory before removing the last reference.
In virtualized environments, this is crucial because several attacks are based on exhausting
system resources to achieve DOS or to force the system into a state that facilitates other attacks.
Resource-consumption issues show a transversal impact on many components, from
hypervisors, which may not be not able to offer balanced computing power, to virtualized
networks, which may represent a serious bottleneck due to resource exhaustion.
A related CWE is Resource Management Errors (CWE-399).
5.13 Cross-site Scripting
This group refers to user-controllable input that is not neutralized or is incorrectly neutralized
before it is placed in an output that is used and served to other users.
It is mainly for web pages. As a result, an attacker can inject and execute arbitrary HTML and
script code in user's browser in context of a vulnerable website.
Based on weakness conditions it is common to divide XSS errors into 3 main types: reflected
XSS, stored XSS and DOM-based XSS. After successful attack a malicious user can perform a
variety of actions: steal user's cookies, modify webpage contents, perform operations with the site
within user's session (XSS proxy).
In virtualized environments, there are dashboards to evaluate virtualization features or to inspect
resources. These web-based dashboards allow interaction and thus must be protected against
cross-site scripting [17]. A related CWE is Cross-site Scripting (CWE-79).
5.14 Race Conditions
This group refers to sequences that can run concurrently with other code, and the code sequence
requires temporary, exclusive access to a shared resource, but there are time windows in which
the shared resources may be modified by code sequences that operate concurrently.
This can have security implications when the expected synchronization is in security-critical code,
such as recording whether a user is authenticated or modifying important state information that
should not be influenced by an outsider.
A race condition occurs in concurrent environments and is effectively a property of a code
sequence. Depending on the context, a code sequence may be in the form of a function call, a
small number of instructions, a series of program invocations, etc.
It violates exclusivity (the code sequence is given exclusive access to the shared resource) and
atomicity (the code sequence is behaviorally atomic) properties, which are closely related.
A race condition exists when an "interfering code sequence" can still access the shared resource,
violating exclusivity.
In virtualized environments, the existence of numerous independently managed, asynchronous
components mandates carefully designing and implementing mechanisms to manage such
situations.
A related CWE is CWE Race Condition (CWE-362) [17].
International Journal of Computer Science and Security (IJCSS), Volume (14) : Issue (5) : 2020
165
Rui Filipe Pereira, Rui Miguel Silva & João Pedro Orvalho
5.15 Environment
This group refers to weaknesses introduced during unexpected environmental conditions. It refers
mainly to technology-specific issues and interaction error occurred when two entities work
correctly when running independently, but they interact in unexpected ways when they are
running together.
In virtualized environments, several software components interact to bring virtualization facilities
to the end users. This ecosystem is made up of software from different vendors that use different
technologies, developed and maintained according to different methodologies. This emphasizes
issues related to the coexistence and cooperation of software components in virtualization
systems, as well as leading to the weakness group "configuration" [17].
Among the related CWE are: Environment (CWE-2) and Interaction Error (CWE-435).
5.16 Configuration
This group refers to weaknesses typically introduced during the configuration of the software
components. Virtualized systems are often based on several interoperating software components
that need to be dynamically configured to support virtualization in many application scenarios.
Weaknesses at the configuration level grow in importance when virtualization behavior is affected
by dependencies among different components. In addition, all these components are based on
complex configurations, which, due to the interactive nature of the components, may evolve
during the virtualized-environment lifecycle. This makes weaknesses in the configuration group
even more significant in virtualized environments than in traditional systems, because in
virtualization the logical layer is more complex.
A related CWE is Configuration (CWE-16).
6. ATTACKS AND THREATS IN VIRTUALIZATION INFRASTRUCTURES
In this section, several attacks and security threats related to virtualization infrastructures are
mentioned.
6.1 Lack of Security Controls
Segregation of systems, i.e. different systems for different purposes (e.g., production systems
and development systems), is common. Due to their nature, systems for development may have
fewer security controls in place, this may eventually provide an easier way for a possible
intrusion.
Since VMs are not physical machines, they are all stored as a collection of files whether on the
local hard drive or on another type of support (e.g., NAS, SAN).
If an attacker gets physical access to the hypervisor or the storage devices it may misuse an
entire OS or download the virtual image to your system.
6.2 Malware
Virtualization is a powerful tool for deploying a virtual environment for malware analysis.
However, there are techniques for detecting the presence of virtualization software [43]–[45].
If a system is detected as being virtual, malware that is aware that it is present in a virtual
environment may change its behavior accordingly and intend to directly attack the VM and its
components or attack the virtualization layer itself (VMM).
The most common way for a malware to infect a system is by exploiting vulnerabilities that are
usually found in software.
International Journal of Computer Science and Security (IJCSS), Volume (14) : Issue (5) : 2020
166
Rui Filipe Pereira, Rui Miguel Silva & João Pedro Orvalho
Research has been conducted to find and protect the means by which malware detects a virtual
environment (e.g. VMM issues, registry entries, OS peculiarities, or CPU indicators) [46].
Malware attacks can create possible situations for increased workload of the infected machine.
Examples of malware for virtual environments are SubVirt and Blue Pill.
6.3 Reversion of VM
Several encryption solutions are based on using the system configuration to generate a seed and
create hashes. A seed can be obtained from system clock, hard disk rotation, memory contents
and many other system elements. Besides that, seeds can be used to create timestamps or
nonces. The rollback of a VM can lead to some seeds being used again, in the same way that
they were used for previous communications to create timestamps and nonces.
A snapshot allows to create a full image of a client machine at a certain point in time. Although
this feature is very useful, it can also bring security problems, namely:
Insert into the network a machine that does not have the latest updates;
Re-activate accounts that have been decommissioned;
Use of old security policies.
6.4 VM Sprawl
VM Sprawl describes the situation where the number of VMs on a network goes beyond the point
where they can be managed effectively.
It occurs when there is an uncontrolled implementation of virtual machines in productive
environments, without managing changes in virtual machines, without a formal review process for
the security of virtual machines before they are implemented, and without a restricted set of
licensed VM models.
Without an effective control process in place, VMs and other virtual systems with unknown
configurations can quickly proliferate, consuming resources, degrading overall system
performance, and increasing liability and risk of exposure.
6.5 Memory Congestion
It is concerned with the allocation of resources, which include link bandwidth, memory size, and
processing capacity at all intermediary nodes, among all the connected nodes in a network. The
connection will be as such that the nodes can operate the transaction at an acceptable
performance level.
However, the resource allocation is necessary, even for a low load, but the problem becomes
challenging when the load increases. Due to a massive load on a single node, the fairness issues
will occur, and low overhead will increase, which reduces the performance [47].
6.6 Hyperjacking
Security measures, such as firewalls, IDS/IPS, and antivirus are ineffective against hyperjacking
because neither the VM nor the server is aware that the hypervisor is compromised. Two
examples of Hyperjacking are Virtual-Machine-Based Rootkit bluepill and SubVirt.
6.7 VM Escape
The VMs are encapsulated, in isolated environments, and the OSes running inside the virtual
machines should not know that they are running in a virtualized environment, nor should there be
a possibility to leave the VM and change the hypervisor.
It is called VM escape when this isolation is broken, and the VM hosted, interacts with the
hypervisor. In VM escape, a program that runs on a VM is able to bypass the virtual layer
(provided by the hypervisor), and gain access to the host machine.
International Journal of Computer Science and Security (IJCSS), Volume (14) : Issue (5) : 2020
167
Rui Filipe Pereira, Rui Miguel Silva & João Pedro Orvalho
Several organizations compromise isolation by configuring it in a flexible way in order to meet the
needs of the organization, leading to security issues. The solution of this vulnerability involves
correctly configuring the host machine and VM client interaction.
6.8 Denial of Service
It can be described as an attack that happens when a hosted machine uses almost exclusively all
available resources. Therefore, it is important to prevent a hosted machine from consuming all
resources by limiting resource allocation to each VM.
6.9 VM Poaching/Resource Hogging
It is similar to DoS attack and happens when one of the virtual guest OSes takes up more
allocated resources against another guest OS on the same virtualized environment.
This issue can make the virtual machine crash. VM poaching can occur in any resources of a
hypervisor such as disks, memory, CPU, network, and disks.
6.10 Incorrect Isolation between VMs/VMs and Hosts
As mentioned, one of the key issues in virtualization is isolation. Isolation ensures that an
application that is running on a VM cannot see applications running on another different VM, or
that a process running on a VM cannot affect other VMs running on the same physical machine.
If this insulation is not working properly, then an attacker can access other virtual machines on
the same machine or even the hypervisor.
In such a heterogeneous environment it is difficult to guarantee the operational integrity of each
VM. The same is applied when there are hardware faults on the host machine that can affect the
several hosted systems.
6.11 Intercommunication Among Virtual Machines
It is provided by virtual switches embedded in the VMM. These switches allow communication
between VMs hosted on the same machine, using the same protocols that physical systems use,
not requiring to install additional network interfaces.
The visibility of VMs' intercommunication is limited and monitoring connections or performing
network diagnoses can be considered as a difficult task to accomplish. The main reason is that to
monitor virtual switches, is required a robust and reliable subsystem in the hypervisor to provide
statistics, flow analysis and problem-solving capability. Hypervisors usually lack extended
features such as those to avoid heavy and complex implementations and to minimize security
issues.
Unless the monitoring tools are in each VM, the lack of visibility poses a great danger to the
environment itself.
6.12 OS Vulnerabilities
It is the OS that controls the way the computer runs each software. Therefore, a vulnerability in
the OS can lead to serious security risks (e.g. attacker takes control of Administrator account).
6.13 External Hypervisor Modification
Unexpected hypervisor behavior can break the system’s security model.
There are several solutions to this problem, for instance to use technologies such as Secure
hypervisor approach to Trusted Virtualized Systems (SHype) to ensure the security of the
hypervisor layer [7].
International Journal of Computer Science and Security (IJCSS), Volume (14) : Issue (5) : 2020
168
Rui Filipe Pereira, Rui Miguel Silva & João Pedro Orvalho
Another solution is to protect the hypervisor from unauthorized modifications or to allow hosted
VMs to validate the hypervisor [20].
6.14 External Modification of a VM
The best approach to solve this problem is to assign a digital signature to the VM and validate
that same signature before the implementation.
6.15 Monitoring of a VM from Another VM
If correctly implemented, memory protections should not allow a VM from viewing the memory
used by the other VM. However, if the virtualization platform uses a virtual hub/switch to connect
all hosted VMs with the host, VMs may be able to capture packages (e.g. with ARP poisoning
attack).
Network traffic authentication is considered a possible solution, and it is also be possible to limit
the MAC Ethernet address that can be used in a VM virtual network interface. Nevertheless, MAC
Address can be spoofed.
6.16 Monitoring of VMs from The Hypervisor
A major concern regarding the administration of a virtual infrastructure is the way in which several
workloads hosted in a single physical host are managed.
In general, all network traffic to and from VMs goes through the hypervisor. This allows allows
hypervisor to monitor all network traffic for all VMs.
If a hypervisor is compromised, then the security of VMs may also be compromised.
6.17 Attack Guest-to-Guest
Is assumed that the attacker has already gained access to a hosted VM.
These attacks are usually performed indirectly e.g. an unauthorized user escapes from a hosted
environment and then compromise the other hosted VMs through privileged access to the
hypervisor.
7. SECURITY CONSIDERATIONS
Traditional information security risks are inherited by virtualization technology and are added to
the new ways and methods of executing and manipulating the security of a virtualized system.
Most of the information security standards mention the use of robust monitoring solutions with the
ability to keep track of all changes that occur in a system or any other incident that may be useful
for possible investigations.
Technological advancements have allowed the development of virtual machine introspection
techniques. They replaced traditional methods of monitoring protection, which were inadequate in
today's demanding and critical virtual environments.
The great complexity and extensive functionality of today’s systems highlight the tendency to
become vulnerable to design errors or programming errors.
The larger the surface of an OS, the more likely it is to contain bugs or design errors. Therefore,
one of the essential characteristics of hypervisors is that they must be as minimal and light as
possible in order to achieve levels of efficiency and security very close to ideal.
8. CONCLUSION
Virtualization, as a technology, was able to ensure efficiency in infrastructure, as well as create
the consolidation of a large number of services in a small number of is physical machines.
International Journal of Computer Science and Security (IJCSS), Volume (14) : Issue (5) : 2020
169
Rui Filipe Pereira, Rui Miguel Silva & João Pedro Orvalho
Hypervisors are having an increasingly smaller footprint, reducing their attack surface [3].
However, the more trust/privilege is assigned to hypervisors, the greater the motivation for an
attacker to come up with possible ways to subvert their operation.
Hardware extensions for virtualization will play an important role in helping secure
implementations, as several virtualization flaws exist due to their nature of being a softwarebased solution [48].
As with all computing technologies, virtualization presents its own security risks. Some of these
issues inherently arise due to the nature of technology, while many occur when virtualization
technology is deployed incorrectly. Too often, IT professionals make the mistake of relying solely
on backups, firewalls, password and security tools to secure their data centers, but this approach
does not cover all the bases [49].
This study introduced the the security considerations, concerns, and implications associated with
virtualized environments. It mentioned various virtualization approaches and presented a series
of security threats in a virtualized environment. It is important to consider the security threats that
come with virtualization technology to have an efficient and effective infrastructure installed, as
well as applying suitable defense mechanisms.
This document is an exhaustive overview of security in virtualized environments in recent years.
The main objective was to help security professionals and IT professionals who are responsible
for infrastructure virtualization, since virtualization has effectively changed the way we look at and
treat IT. Despite all the benefits of virtualization, it also comes with a set of security risks.
Virtualized assets are more difficult to protect than physical servers and require specialized tools
and training to be managed [49].
The key to creating a truly effective cybersecurity strategy is to take a multilayered approach to
securing both VMs and the virtualization stack [49].
In the near future, we would like to conduct an extensive study on approaches to mitigate security
threats in cloud environment.
9. REFERENCES
[1]
J. S. Reuben, “A Survey on Virtual Machine Security,” 2007.
[2]
D. Rosado, R. Gómez, D. Mellado, and E. Fernández-Medina, “Security Analysis in the
Migration to Cloud Environments,” Futur. Internet, vol. 4, pp. 469–487, 2012.
[3]
M. Pearce, S. Zeadally, and R. Hunt, “Virtualization: Issues, security threats, and solutions,”
ACM Comput. Surv., vol. 45, pp. 17:1-17:39, 2013.
[4]
T. Ormandy, “An Empirical Study into the Security Exposure to Hosts of Hostile Virtualized
Environments,” in CanSecWest 2007, 2007, pp. 1–10.
[5]
N. Aaraj, A. Raghunathan, and N. K. Jha, “Virtualization-assisted Framework for Prevention
of Software Vulnerability Based Security Attacks,” 2007.
[6]
A. Azab, P. Ning, Z. Wang, X. Jiang, X. Zhang, and N. Skalsky, “HyperSentry: Enabling
Stealthy In-context Measurement of Hypervisor Integrity,” 2010, pp. 38–49.
[7]
F. Bazargan, C. Yeun, and J. Zemerly, “State-of-the-Art of Virtualization, its Security Threats
and Deployment Models,” Int. J. Inf. Secur. Res., vol. 3, 2013.
International Journal of Computer Science and Security (IJCSS), Volume (14) : Issue (5) : 2020
170
Rui Filipe Pereira, Rui Miguel Silva & João Pedro Orvalho
[8]
D. Tank, A. Aggarwal, and N. Chaubey, “Virtualization vulnerabilities, security issues, and
solutions: a critical study and comparison,” Int. J. Inf. Technol., 2019.
[9]
VMware, “Achieving Compliance in a Virtualized Environment,” 2008.
[10] M. Cobb, “A preview of PCI virtualization specifications,” 2011.
[11] CVE Details, “Vmware Esxi : CVE security vulnerabilities, versions and detailed reports.”
[Online].
Available:
https://www.cvedetails.com/product/22134/VmwareEsxi.html?vendor_id=252.
[12] S. Jagathpal, “Information Security Blog,” 18-Feb-2010.
http://shobhajagathpal.blogspot.com/2010_02_01_archive.html.
[Online].
Available:
[13] S. Orrin and O’Berry David, “Building Security Beneath the OS - The Security Content
Automation,” 2011.
[14] K. Kortchinsky, “Cloudburst: Hacking 3D (and Breaking Out of VMware) for Black Hat USA
2009,” 2009.
[15] A. Pingios, “CVE-2009-3692: VirtualBox VBoxNetAdpCtl Privilege Escalation,” 2009.
[Online].
Available:
https://xorl.wordpress.com/2009/10/13/cve-2009-3692-virtualboxvboxnetadpctl-privilege-escalation/.
[16] D. D. Zovi, “Hardware virtualization based rootkits.” Black Hat USA, 2006.
[17] M. P. Souppaya, K. Scarfone, and P. Hoffman, “Guide to Security for Full Virtualization
Technologies,” 2011.
[18] C. Li, A. Raghunathan, and N. K. Jha, “Secure Virtual Machine Execution under an
Untrusted Management OS,” in Proceedings - 2010 IEEE 3rd International Conference on
Cloud Computing, CLOUD 2010, 2010, pp. 172–179.
[19] A. Baruchi and R. L. Piantola, “Análise Quantitativa de Técnicas de Virtualização Como
Ambiente de Testes.”
[20] R. Morabito, J. Kjällman, and M. Komu, “Hypervisors vs. Lightweight Virtualization: A
Performance Comparison,” 2015.
[21] K. Adams and O. Agesen, “A Comparison of Software and Hardware Techniques for X86
Virtualization,” SIGOPS Oper. Syst. Rev., vol. 40, no. 5, pp. 2–13, Oct. 2006.
[22] VMware, “VMware Understanding Full Virtualization, Paravirtualization, and Hardware
Assist,” 2008.
[23] R. P. Goldberg, “Survey of virtual machine research,” Computer (Long. Beach. Calif)., vol. 7,
no. 6, pp. 34–45, Jun. 1974.
[24] N. Kiyanclar, “A Survey of Virtualization Techniques Focusing on Secure On-Demand
Cluster Computing,” 2005.
[25] TechNavio, “Global Endpoint Server Security Market 2011-2015.”
[26] L. Wood, “Research and Markets: Global Endpoint Server Security Market 2011-2015 |
Business
Wire,”
13-Aug-2012.
[Online].
Available:
International Journal of Computer Science and Security (IJCSS), Volume (14) : Issue (5) : 2020
171
Rui Filipe Pereira, Rui Miguel Silva & João Pedro Orvalho
https://www.businesswire.com/news/home/20120813005608/en/Research-Markets-GlobalEndpoint-Server-Security-Market.
[27] G. J. Popek and R. P. Goldberg, “Formal Requirements for Virtualizable Third Generation
Architectures,” Commun. ACM, vol. 17, no. 7, pp. 412–421, Jul. 1974.
[28] S. Ray, “Towards a Formalization of the X86 Instruction Set Architecture,” 2008.
[29] F. Tsifountidis, “Virtualization Security: Virtual Machine Monitoring and Introspection,” 2011.
[30] C. Strachey, “Time sharing in large, fast computers.,” in IFIP Congress, 1959, pp. 336–341.
[31] J. McCarthy, “Reminiscences on the History of Time-Sharing,” IEEE Ann. Hist. Comput., vol.
14, no. 1, pp. 19–24, Jan. 1992.
[32] J. Howlett, “The Atlas Computer Laboratory,” IEEE Ann. Hist. Comput., vol. 21, no. 1, pp.
17–23, Jan. 1999.
[33] D. Morris, F. H. Sumner, and M. T. Wyld, “An Appraisal of the Atlas Supervisor,” in
Proceedings of the 1967 22nd National Conference, 1967, pp. 67–75.
[34] B. S. Brawn, F. G. Gustavson, and E. S. Mankin, “Sorting in a paging environment,”
Commun. ACM, vol. 13, pp. 483–494, 1970.
[35] P. J. Denning, “Performance Evaluation: Experimental Computer Science at its Best,” 1981.
[36] J. Hoopes, Ed., “Chapter 1 - An Introduction to Virtualization,” in Virtualization for Security,
Boston: Syngress, 2009, pp. 1–43.
[37] S. E. Madnick and J. J. Donovan, “Application and Analysis of the Virtual Machine Approach
to Information System Security and Isolation,” in Proceedings of the Workshop on Virtual
Computer Systems, 1973, pp. 210–224.
[38] J. C. C. dos Santos Ramos, “Security challenges with virtualization,” Universidade de
Lisboa, 2009.
[39] V. Bourne, “Unleashing the Power of Virtualization,” 2010.
[40] P. Barham et al., “Xen and the Art of Virtualization,” SIGOPS Oper. Syst. Rev., vol. 37, no.
5, pp. 164–177, Oct. 2003.
[41] A. Whitaker, M. Shaw, and S. D. Gribble, “Scale and Performance in the Denali Isolation
Kernel,” SIGOPS Oper. Syst. Rev., vol. 36, no. SI, pp. 195–209, Dec. 2003.
[42] M. D. Schroeder and J. H. Saltzer, “A Hardware Architecture for Implementing Protection
Rings,” Commun. ACM, vol. 15, no. 3, pp. 157–170, Mar. 1972.
[43] J. Franklin, M. Luk, J. M. McCune, A. Seshadri, A. Perrig, and L. van Doorn, “Remote
Detection of Virtual Machine Monitors with Fuzzy Benchmarking,” SIGOPS Oper. Syst. Rev.,
vol. 42, no. 3, pp. 83–92, Apr. 2008.
[44] P. Ferrie, “Attacks on Virtual Machine Emulators,” 2007.
[45] T. Liston and E. Skoudis, “On the Cutting Edge: Thwarting Virtual Machine Detection.”
International Journal of Computer Science and Security (IJCSS), Volume (14) : Issue (5) : 2020
172
Rui Filipe Pereira, Rui Miguel Silva & João Pedro Orvalho
[46] T. Garfinkel, K. Adams, A. Warfield, and J. Franklin, “Compatibility Is Not Transparency:
VMM Detection Myths and Realities.,” 2007.
[47] N. M. Upadhyay and R. S. Singh, “An effective scheme for memory congestion reduction in
multi-core environment,” J. King Saud Univ. - Comput. Inf. Sci., 2020, [Online]. Available:
http://www.sciencedirect.com/science/article/pii/S1319157820303888.
[48] G. Pék, L. Buttyán, and B. Bencsáth, “A Survey of Security Issues in Hardware
Virtualization,” ACM Comput. Surv., vol. 45, no. 3, Jul. 2013.
[49] M. Comeau, “Protect your infrastructure with virtualization security management,” 2017.
https://searchservervirtualization.techtarget.com/tip/Protect-your-infrastructure-withvirtualization-security-management.
International Journal of Computer Science and Security (IJCSS), Volume (14) : Issue (5) : 2020
173