Lecture 17
SYLLABUS
Unit No. 2
• Virtualization System-Specific Attacks: Guest hopping, attacks on the VM (delete the VM,
attack on the control of the VM, code or file injection into the virtualized file structure), VM
migration attack, hyperjacking
• Technologies For Virtualization-Based Security Enhancement: Virtual server protection;
Storage Security- HIDPS, log management, Data Loss Prevention. Location of the Perimeter.
VIRTUALIZATION SYSTEM SPECIFIC ATTACKS
• Virtualization system-specific attacks are a category of security threats and
vulnerabilities that specifically target virtualization technologies and their
associated components.
• Virtualization is a foundational technology in cloud computing and data
center environments, allowing multiple virtual machines (VMs) or
containers to run on a single physical server.
• As with any technology, virtualization has its own set of vulnerabilities and
attack vectors that malicious actors can exploit.
EXAMPLES
• VM Escape: VM escape attacks involve an attacker compromising a virtual
machine and then breaking out of the virtualized environment to gain
unauthorized access to the underlying hypervisor or host operating system.
From there, they can potentially compromise other VMs on the same
physical server.
• Hypervisor Vulnerabilities: Hypervisor software, which manages and
orchestrates virtual machines, can have its own vulnerabilities. Attacks
targeting these vulnerabilities can lead to the complete compromise of the
virtualization infrastructure.
• Resource Exhaustion: Attackers may attempt to exhaust critical system
resources like CPU, memory, and I/O bandwidth on a virtualization host,
degrading the performance and availability of VMs sharing the same host.
This can be done through various means, such as running resource-intensive
workloads or launching a Distributed Denial of Service (DDoS) attack against
the virtualization infrastructure.
• VM Sprawl: VM sprawl occurs when unauthorized or unnecessary virtual
machines are created, consuming valuable resources and potentially
increasing the attack surface. Attackers may create new VMs to serve as a
platform for launching attacks or hide their activities.
• Guest-to-Guest Attacks: In multi-tenant environments, where multiple VMs
from different users or organizations share the same physical infrastructure,
attackers may try to exploit vulnerabilities in one VM to gain unauthorized
access to other VMs on the same host.
• Snapshots and Cloning: Malicious actors can leverage the snapshot and
cloning features in virtualization to duplicate compromised VMs or revert to
a known good state to avoid detection and maintain persistence in the
environment.
• Unauthorized VM Migration: Unauthorized migration of VMs between
hosts can be used to evade detection or gain access to other parts of the
network. An attacker could move a compromised VM to a different host to
cover their tracks.
• Interception of Virtualized Network Traffic: Attackers can target the virtual
network infrastructure to intercept, manipulate, or eavesdrop on network
traffic between VMs or between VMs and external networks.
• Vulnerable Management Interfaces: Exploiting vulnerabilities in the
management interfaces and APIs of virtualization platforms can provide
attackers with control over the virtualized infrastructure.
• Insecure VM Templates and Images: VM templates or images with
pre-installed software and configurations can contain vulnerabilities that an
attacker could exploit when creating new VM instances.
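The VM sprawl and unauthorized VM migration items above can be checked for on the defender's side by reconciling management-plane audit events against change records and the approved inventory. The sketch below is an added example, not part of the original lecture; the key=value log layout, the ticket IDs, and the VM and host names are all constructed assumptions.

```python
import shlex

# Constructed sample events; the key=value layout is an assumption, not a real product's format.
SAMPLE_LOG = """\
2024-05-01T09:00:00Z action=vm.create vm=web-01 host=hv-a actor=alice ticket=CHG-1001
2024-05-01T09:30:00Z action=vm.create vm=tmp-7 host=hv-b actor=svc-backup ticket=-
2024-05-01T10:00:00Z action=vm.migrate vm=web-01 src=hv-a dst=hv-b actor=alice ticket=CHG-1002
2024-05-01T11:00:00Z action=vm.migrate vm=web-01 src=hv-b dst=hv-c actor=bob ticket=-
2024-05-01T12:00:00Z action=vm.migrate vm=web-01 src=hv-a dst=hv-d actor=alice ticket=CHG-1002
"""

APPROVED_TICKETS = {"CHG-1001", "CHG-1002"}   # hypothetical change-management records
APPROVED_VMS = {"web-01"}                      # hypothetical authorised inventory


def parse_event(line):
    """Split 'timestamp key=value ...' into a dict; raise on malformed fields."""
    ts, *fields = shlex.split(line)
    event = {"ts": ts}
    for field in fields:
        key, sep, value = field.partition("=")
        if not sep or not key:
            raise ValueError(f"malformed field {field!r}")
        event[key] = value
    return event


def audit(log_text, approved_tickets, approved_vms):
    """Return (timestamp, vm, finding) tuples for events that need review."""
    findings, location = [], {}   # location: last known host per VM
    for line in filter(None, map(str.strip, log_text.splitlines())):
        ev = parse_event(line)
        vm, action = ev.get("vm"), ev.get("action")
        if action == "vm.create":
            if vm not in approved_vms:
                findings.append((ev["ts"], vm, "sprawl: VM not in approved inventory"))
            location[vm] = ev.get("host")
        elif action == "vm.migrate":
            if ev.get("ticket") not in approved_tickets:
                findings.append((ev["ts"], vm, "migration without approved change ticket"))
            if location.get(vm) != ev.get("src"):   # a move happened that the log never recorded
                findings.append((ev["ts"], vm, "source host differs from last known location"))
            location[vm] = ev.get("dst")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG, APPROVED_TICKETS, APPROVED_VMS):
        print(*finding, sep="  ")
```

The last sample event carries an approved ticket but still gets flagged, because its source host does not match where the VM was last seen; a ticket check alone would miss it.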
QUESTIONS
• Explain virtualization system-specific attacks.
• Explain vulnerable management interfaces and unauthorized VM migration.
• Give the methods of protection against virtualization system-specific attacks.