Securing cloud hypervisors: A survey of the threats, vulnerabilities, and countermeasures

John Patrick Barrowclough, Rameez Asif

Research output: Contribution to journalArticlepeer-review

23 Citations (Scopus)
6 Downloads (Pure)

Abstract

The exponential rise of the cloud computing paradigm has led to the cybersecurity concerns, taking into account the fact that the resources are shared and mediated by a ‘hypervisor’ that may be attacked and user data can be compromised or hacked. In order to better define these threats to which a cloud hypervisor is exposed, we conducted an in-depth analysis and highlighted the security concerns of the cloud. We basically focused on the two particular issues, i.e., (a) data breaches and (b) weak authentication. For in-depth analysis, we have successfully demonstrated a fully functional private cloud infrastructure running on CloudStack for the software management and orchestrated a valid hack. We analyzed the popular open-source hypervisors, followed by an extensive study of the vulnerability reports associated with them. Based on our findings, we propose the characterization and countermeasures of hypervisor’s vulnerabilities. These investigations can be used to understand the potential attack paths on cloud computing and Cloud-of-Things (CoT) applications and identify the vulnerabilities that enabled them.
Original languageEnglish
Article number1681908
JournalSecurity and Communication Networks
Volume2018
DOIs
Publication statusPublished - 11 Jun 2018

Cite this