Abstract
A description has been provided for a formal model of cyber attack on virtualization tools that allow one to formulate condition for the security of virtualization tools. The concept of measuring the vulnerability of virtualization tools has been introduced that characterizes the predisposition of a system to vulnerabilities that contribute to the implementation of cyber attacks in the proposed formal model. These characteristics of virtualization tools allow one to compare different hypervisors and estimate the presence of vulnerabilities in them.
Similar content being viewed by others
References
Williams, D., Jamjoom, H., and Weatherspoon, H., The Xen-blanket: Virtualize once, run everywhere, EuroSys 2012, Bern, 2012. http://jamjoom.net/publications/jamjoom-EuroSys-12.pdf
Pechenkin, A.I. and Lavrova, D.S., Parallel analysis of the security of network traffic on a multi-processor cluster, Zh. Inf. Bezop., Komp. Sist., 2013, no. 1, pp. 54–61.
IBM X-Force Mid-year Trend and Risk Report. IBM Security Solutions, 2010, pp. 50–53. ftp://public. dhe.ibm.com/common/ssi/ecm/en/wgl03003usen/WGL03003USEN.pdf
Gruskovnjak, J., Advanced exploitation of Xen Hypervisor Sysret VMescape vulnerability, Secur. Res., 2012. http://www.vupen.com/blog/20120904.Advanced_Exploitation_of_Xen_Sysret_VM_Escape_CVE-2012-0217.php
Jones, R., CVE-2011-4127: Privilege escalation from qemu. KVM guests. http://rwmj.wordpress.com/2011/ 12/22/cve-2011-4127-privilege-escalation-from-qemu-kvm-guests/
Elhage, N., Virtunoid: Breaking out of KVM, Elhage. Black Hat: USA, 2011. http://media.blackhat.com/bh-us-11/ Elhage/BH_US_11_Elhage_Virtunoid_Slides.pdf
Zegzhda, D.P. and Nikol’skii, A.V., A formal security model for hypervisors of virtual machines in cloud computing systems, Zh. Probl. Inf. Bezop., Komp. Sist., 2013, no. 1.
Vogl, S., Secure Hypervisors. http://www.sec.in.tum.de/assets/lehre/ss09/seminar_virtualisierung/Secure_ Hypervisors_S-Vogl.pdf
Garfinkel, T., Pfaff, B., Chow, J., Rosenblum, M., and Boneh, D., Terra: A virtual machine-based platform for trusted computing, SIGOPS, Bolton Landing, NY, 2003. http://suif.stanford.edu/papers/sosp03-terra.pdf
Karger, P., Zurko, M., Bonin, D., Mason, A., and Kahn, C., A VMM security kernel for the VAX architecture, IEEE Computer Society Symposium on Security and Privacy, 1990. http://www.scs.stanford.edu/nyu/ 02sp/sched/vmm.pdf
Sailer, R., et al., sHype: Secure Hypervisor Approach to Trusted Virtualized Systems, IBM Research Division, Thomas J. Watson Research Center, 2005. http://domino.watson.ibm.com/library/cyberdig.nsf/papers/ 265C8E3A6F95CA8D85256FA1005CBF0F/$File/rc23511.pdf
Szefer, J. and Lee, R., Architectural support for hypervisor-secure virtualization, ASPLOS, London, 2012. http://palms.princeton.edu/system/files/asplos2012_wfooter.pdf
Author information
Authors and Affiliations
Corresponding author
Additional information
Original Russian Text © A.V. Nikolskiy, Yu.S. Vasil’ev, 2015, published in Problemy Informatsionnoi Bezopasnosti. Komp’yuternye Sistemy.
About this article
Cite this article
Nikolskiy, A.V., Vasil’ev, Y.S. Formal model of cyber attacks on virtualization tools and a measure of hypervisor vulnerability. Aut. Control Comp. Sci. 49, 751–757 (2015). https://doi.org/10.3103/S014641161508012X
Received:
Published:
Issue Date:
DOI: https://doi.org/10.3103/S014641161508012X