Securing cloud hypervisors: A survey of the threats, vulnerabilities, and countermeasures

Barrowclough, John Patrick and Asif, Rameez (2018) Securing cloud hypervisors: A survey of the threats, vulnerabilities, and countermeasures. Security and Communication Networks, 2018. ISSN 1939-0114

[img] PDF (Published manuscript) - Published Version
Available under License Creative Commons Attribution.

Download (10MB)

Abstract

The exponential rise of the cloud computing paradigm has led to the cybersecurity concerns, taking into account the fact that the resources are shared and mediated by a ‘hypervisor’ that may be attacked and user data can be compromised or hacked. In order to better define these threats to which a cloud hypervisor is exposed, we conducted an in-depth analysis and highlighted the security concerns of the cloud. We basically focused on the two particular issues, i.e., (a) data breaches and (b) weak authentication. For in-depth analysis, we have successfully demonstrated a fully functional private cloud infrastructure running on CloudStack for the software management and orchestrated a valid hack. We analyzed the popular open-source hypervisors, followed by an extensive study of the vulnerability reports associated with them. Based on our findings, we propose the characterization and countermeasures of hypervisor’s vulnerabilities. These investigations can be used to understand the potential attack paths on cloud computing and Cloud-of-Things (CoT) applications and identify the vulnerabilities that enabled them.

Item Type: Article
Faculty \ School: Faculty of Science > School of Computing Sciences
Depositing User: LivePure Connector
Date Deposited: 26 Jan 2022 10:30
Last Modified: 15 Mar 2022 01:23
URI: https://ueaeprints.uea.ac.uk/id/eprint/83145
DOI: 10.1155/2018/1681908

Actions (login required)

View Item View Item