Advanced Security Threats and Mitigation Techniques in Virtualized Environment
Keywords:Virtualization, Virtual Machines, Threats, Mitigation, Virtualization Security.
â€˜Virtualizationâ€™ is not the new buzzword in IT field as it was introduced in 1960s by IBM while trying providing solution to accommodate multiple users over expensive computer resources with time shared solutions.This solution supported every technology and protocols of physical computer infrastructure. Even though it kept evolving over the years, the technology achieved its reach with the introduction of VMware workstation by VMware Company in year 1999.At present there are enough solutions available to virtualize our computer resources.However the rush seen in embracing this technology has not been justified when we consider the security issues attached to it. Virtualization by itself is considered erroneously as a security solution. In fact it increases the attack surface area, along with the more probability of successful execution of various cyber-attacks. This paper is intended to study in detail about the advanced threats and their mitigation techniques that are to be understood while operating in virtualized environment.
 VMware, Inc, â€œVirtualization overview â€œ[Online]: https://www.vmware.com/pdf/virtualization.pdf.
 Scott Delap, â€œVirtualization Introâ€ [Online]: https://www.infoq.com/articles/virtualization-intro.
 Dave Shackleford, â€œVirtualization Security: Protecting virtualized Environmentsâ€: Book published by Jhon Wiley & Sons. ISBN: 978-1-118-28812-2.
 Ted Ritter, â€œVirtualization Security Achieving Compliance for the Virtual Infrastructureâ€ Senior Research Analyst, Nemertes Research [Online] http://la.trendmicro.com/media/wp/virtualization-security-nemertes-whitepaper-en.pdf.
 Muhammad Arif and Haroon Shakeel, â€œVirtualization security: Analysis and open challengesâ€, Faculty of Computer Science and Information Technology, University of Malaya 50603 Kuala Lumpur, Malaysia, Computer Science Department, Comsats Institute of Information and Technology Islamabad Pakistan, International Journal of Law and Information Technology February 2015.
 Gabriel Cephas Obasuyi, Arif Sari, â€œSecurity Challenges of Virtualization Hypervisors in Virtualized Hardware Environmentâ€, Management Centre of the Mediterranean, Nicosia, Cyprus, Int. J. Communications, Network and System Sciences, 2015, 8, 260-273.
 Jason Geffner, â€œVENOMâ€ CrowdStrike Senior Security Researcher, [Online]: http://venom.crowdstrike.com.
 Brian Donohue,â€œAll you need to know about VENOM virtualization vulnerabilityâ€, [Online]: https://blog.kaspersky.com/venom-virtualization-vulnerability/8743/.
 VMware, Inc, â€œVMwareÂ® vStorage Virtual Machine File Systemâ€ [Online]: https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/techpaper/vmware-vmfs-tech-overview-white-paper.pdf.
 Michael Principato, â€œVirtualization technology and Process Control System upgradesâ€, Heidelberg Technology Center - HeidelbergCement, Allentown/Leimen, Germany Technical Conference, 2010 IEEE-IAS/PCA 52nd https://doi.org/10.1109/CITCON.2010.5469770.
 Satyam B.Vaghani â€œVirtual Machine File Systemâ€ VMware, Inc [Online]: https://www.researchgate.net/publication/220623259_Virtual_machine_file_system.
 VMware, Inc, VMFS, [Online:] https://www.vmware.com/support/ws55/doc/ws_learning_files_in_a_vm.html.
 VMware, Inc, VMFS Best Practices, [Online:] http://www.vmware.com/pdf/vmfs-best-practices-wp.pdf.
 Kaspersky, â€œMalware analysis:How some strainsâ€˜adaptâ€™ to virtual Machinesâ€ [Online]: http://www.bitpipe.com/detail/RES/1477288811_51.html
 Diego Perez-Botero, Jakub Szefer and Ruby B. Lee, "Characterizing Hypervisor Vulnerabilities in Cloud Computing Servers,"in Proceedings of the Workshop on Security in Cloud Computing (SCC), May 2013.
 SUSE security updates [Online]: https://www.suse.com/security/cve/CVE-2008-3687/.
 Understanding Memory Resource Management [online]: http://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/techpaper/perf-vsphere-memory_management.pdf.
 Mikhail Gorobets & team, Attacking Hypervisor Via Firmware [Online] http://www.intelsecurity.com/advanced-threat-research/ content/ AttackingHypervisorViaFirmware_bhusa15_dc23.pdf.
 Piotr Gaj, MirosÅ‚aw Skrzewski, Jacek StÃ³j, JarosÅ‚aw Flak, â€œVirtualization as a way to PC based functionalitiesâ€ https://doi.org/10.1109/TII.2014.2360499.
 Te-Shun Chou, â€œSecurity Threats On Cloud Computing Vulnerabilitiesâ€, IJCSIT Vol 5, No 3, June 2013.
 Arif Khan, â€œVirtual machine securityâ€, Int. J. Information and Computer Security, Vol. 9, Nos. 1/2, 2017.
 Hagen Lauer, Nicolai Kuntze, â€œHypervisor-based Attestation of Virtual Environmentsâ€ IEE Journal : DOI 10.1109/UIC-ATC-ScalCom-CBDCom-IoP-SmartWorld.2016.125
 Leonardo Richter Bays, Rodrigo Ruas Oliveira, Marinho PillaBarcellos, Luciano Paschoal Gaspary and Edmundo Roberto Mauro Madeira, â€œVirtualnetworksecurity:threats, countermeasures, and challengesâ€, Springer: Journal of Internet Services and Applications, DOI10.1186/s13174-014-0015-z
 Di Lu, Jianfeng Ma, Cong Sun, Qixuan Wu, Zhaochang Sun, Ning Xi,â€Building a Secure Scheme for a Trusted Hardware Sharing Environmentâ€, IEE Journal : DOI 10.1109/ ACCESS.2017.2703124, IEEE Access, Vol. 14, No. 8, Aug 2015