Survey on Virtual Machine Security

Survey on Virtual Machine Security

Virtualization plays a major role in helping the organizations to reduce the operational cost, and still ensuring improved efficiency, better utilization and flexibility of existing hardware. Virtualization is both an opportunity and a threat : says Patrick Lin, Senior director of Product Management for VMware [4]. This paper presents a literature study on various security issues in virtualization technologies. Our study focus mainly on some open security vulnerabilities that virtualization brings to the environment. We concentrate on security issues that are unique for virtual machines. The security threats presented here are common to all the virtualization technologies available in the market, they are not specific to a single virtualization technology. We provide an overview of various virtualization technologies available in the market at the first place together with some security benefits that comes together with virtualization. Finally we provide a detailed discussion of several security holes in the virtualized environment. Virtualization : A technology that has an enormous effect in today’s IT world. It is a technique that divides a physical computer into several partly or completely isolated machines commonly known as virtual machines (VM) or guest machines. Multiple of these virtual machines can run on a host computer, each possessing its own operating system and applications. This gives an illusion to the processes on these virtual machines as if they are running on a physical computer, but in reality they are sharing the physical hardware of the host machine. The software that allows multiple operating systems to use the hardware of the physical machine is called a hypervisor or a control program. Hypervisors sit between the operating system of the host machine and the virtual environment. There are various virtualization technologies available in the market, having their own merits and demerits. In non-virtual environment, the applications running on the machine can see each other, and in some cases can even communicate with each other, whereas in virtual environment [7] the programs running in one guest machine are isolated from the programs running in another guest machine, in other words guest machines provide what appear to be independent coexisting computers [7] to their running programs. The degree of isolation should be strong enough that the vulnerabilities in one virtual machine should not affect either the virtual machines or the underlying host machine. The computer that is being virtualized is of no difference from the computer that is not virtualized. The virtualized environment is vulnerable to all the traditional attacks and exploits that are common to the normal environment. The case is even worse in the virtualized environment, where there are several virtual computers running. The security expectations are higher in here because there are more systems to protect [4], more possible points of entry, more holes to patch and there are more interconnection points in the virtualized environment [4]. Attackers and Hackers are already been actively developing new malware programs for virtual machine environment. Root kit infections, malware that detects a virtual environment and modifies itself accordingly [4, 11] are some of them. Low-level hypervisor attacks, and deployment of malicious virtual systems [4] are few possible attacks that are unique to this environment. On the other hand new security protection programs are also emerging in the market every now and then from different vendors, but most of these security solutions are mainly focused on hypervisor. Since hypervisor is a new layer between the host’s OS and virtual environment, it creates new opportunities for the malicious programs. And more over, hypervisor is basically a software program, so it has all the traditional software bugs and the security vulnerabilities as any software have. One of such product that hits the market recently is SHype [4], a new secure hypervisor that binds security policies to the virtual environment. A good debate on recent security solutions can be found on [10]. However, virtual machine security is more than just deploying a secure hypervisor to the environment. Virtualization technologies are still evolving. Newer versions with added features are introduced before the security consequences of the older version has been fully studied. This work analyzes the general security threats in a virtual environment and suggests possible solutions for few of the mentioned threats. Understanding of virtualization technologies greatly helps to understand the security consequences that occur in the environment. Sec. 3 discuss the back ground of various virtualization technologies together with some security benefits offered by these virtualization technologies and finally Sec. 4 analyze the security issues concerning virtualization

Free download research paper


Distributed Java Virtual Machine for Cluster Computing

Real Time Environmental Monitoring and Notification for Public Safety CSE PROJECTS