Securing Cloud Hypervisors: A Survey of the Threats, Vulnerabilities, and Countermeasures

Barrowclough, John Patrick; Asif, Rameez

doi:10.1155/2018/1681908

Cited by 18 publications

(5 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Commercially developed hypervisors add to the attack surface of the system. Successfully attacking the hypervisor may allow an attacker to gain root privileges on all virtual machines contained within the physical server [7]. However, an ongoing area of research is focused on developing cyber secure hypervisors, ensuring that the attack surface is not increased [29].…”

Section: Control Theorymentioning

confidence: 99%

Cyber-Resilient SCADA Systems via Secure State Restoration

Birnbaum¹,

Davis²,

Salman³

et al. 2020

IFIP Advances in Information and Communication Technology

View full text Add to dashboard Cite

Supervisory Control and Data Acquisition (SCADA) systems are widely used by critical infrastructure and are ubiquitous in numerous industries including telecommunications, gas, and manufacturing. SCADA systems are high risk targets for cyber attack given their criticality, interconnectedness, and internet accessibility. Programmable Logic Controllers (PLCs) are one of the primary components of SCADA systems which monitor and provide control instructions to other devices, as well as receive data from sensors. Unfortunately, PLCs today are configured in a persistent manner, i.e. physical devices are configured once and designed to be continuously operational, and are ill-suited to operate in a virtual, dynamic, and cyber resilient environment. Therefore, there is a need for cyber resilient SCADA architectures which can endure and recover from cyber attacks. The presented approach describes a secure way to store system states which are then used by redundant, non-persistent devices during operation and recovery procedures. Successful application of the approach results in a non-persistent, Byzantine fault tolerant, virtual Industrial Control System (ICS) where state and function can be stored and restored securely, resulting in greater system cyber resilience. To demonstrate the efficacy and assess the applicability of the approach, mathematical and timing analyses were conducted. An environment implementing the approach architecture was configured and tested where a cyber attack against non-persistent PLCs resulted in quick identification and subsequent secure restoration with no loss in state or functionality. This approach works as a practical framework for applying cyber resilience with non-persistence and state restoration to SCADA environments.

show abstract

Section: Control Theorymentioning

confidence: 99%

Cyber-Resilient SCADA Systems via Secure State Restoration

Birnbaum¹,

Davis²,

Salman³

et al. 2020

IFIP Advances in Information and Communication Technology

View full text Add to dashboard Cite

show abstract

“…John Patrick Barrowclough and Rameez Asif, in [13], identified the threats to which the cloud «hypervisor» is exposed, conducted an in-depth analysis and identified cloud security problems. For the in-depth analysis, a fully functional private cloud infrastructure running on CloudStack for software management was demonstrated and a real hack was organized.…”

Section: Brief Overview Of Used Articlesmentioning

confidence: 99%

A Survey on Threat-Modeling Techniques: Protected Objects and Classification of Threats

et al. 2022

View full text Add to dashboard Cite

Information security is one of the most important attributes of distributed systems that often operate on unreliable networks. Enabling security features during the development of a distributed system requires the careful analysis of potential attacks or threats in different contexts, a process often referred to as «threat modeling». Information protection should be comprehensive, but it is also necessary to take into account the possibility of the emergence of threats specific to a certain information system. Many public and private organizations are still trying to implement system models and the threats directed at them on their own. The main reason for this is the lack of useful and high-quality methodologies that can help developers design system models. This review explores a variety of the literature on confidentiality- and integrity-aware system design methodologies, as well as threat classification methods, and identifies key issues that may be referenced by organizations to make design system processes easier. In particular, this article takes a look at the extent to which existing methodologies cover objects of protection and methods of classifying threats, as well as whether there are such models of systems in which the object itself and the threats directed at it are described. This includes whether the compiled models exhibit symmetry or asymmetry. This literature research shows that methodologies appear to be heterogeneous and versatile, since existing methodologies often only focus on one object of protection (a system). Based on the given analysis, it can be concluded that the existing methodologies only relate superficially to the description of system models and threats, and it is necessary to develop a more complete abstract model of the protected object and threats aimed at it in order to make this model suitable for any organization and protect it against most threats.

show abstract

“…Cloud infrastructures enable the building of elaborated services through the composition and configuration of multiple computing resources, such as virtual machines, network devices, and software components. These elementary resources may typically be deployed across different infrastructures supported by one or several cloud provider(s), and are subject to changes over time [1]. This dynamics increases the complexity of management tasks and may lead to potential vulnerabilities that may compromise the resources, or even the whole cloud composite service.…”

Section: Introductionmentioning

confidence: 99%

“…We would like to thank Professor Olivier Festor for his very helpful comments and advices on the submitted article. 1 Satisfiability Modulo Theories recent advances on virtualization techniques [2], allowing to transfer the resource(s) of a cloud composite service from a given provider (or a given infrastructure) to another provider (or infrastructure) [3]. This process is often motivated by performance and cost objectives with regard to the cloud properties, such as high scalability, rapid elasticity, resource pooling and on-demand self-service [4].…”

Section: Introductionmentioning

confidence: 99%

An Automated SMT-based Security Framework for Supporting Migrations in Cloud Composite Services

Oulaaffart

Badonnel

Bianco

2022

NOMS 2022-2022 IEEE/IFIP Network Operations and Management Symposium

View full text Add to dashboard Cite

The growing maturity of orchestration languages is contributing to the elaboration of cloud composite services, whose resources may be deployed over different distributed infrastructures. These composite services are subject to changes over time, that are typically required to support cloud properties, such as scalability and rapid elasticity. In particular, the migration of their elementary resources may be triggered by performance constraints. However, changes induced by this migration may introduce vulnerabilities that may compromise the resources, or even the whole cloud service. In that context, we propose an automated SMT 1 -based security framework for supporting the migration of resources in cloud composite services, and preventing the occurrence of new configuration vulnerabilities. We formalize the underlying security automation based on SMT solving, in order to assess the migrated resources and select adequate counter-measures, considering both endogenous and exogenous security mechanisms. We then evaluate its benefits and limits through large series of experiments based on a proof-ofconcept prototype implemented over the CVC4 commonly-used open-source solver. These experiments show a minimal overhead with regular operating systems deployed in cloud environments.

show abstract

Securing Cloud Hypervisors: A Survey of the Threats, Vulnerabilities, and Countermeasures

Cited by 18 publications

References 24 publications

Cyber-Resilient SCADA Systems via Secure State Restoration

Cyber-Resilient SCADA Systems via Secure State Restoration

A Survey on Threat-Modeling Techniques: Protected Objects and Classification of Threats

An Automated SMT-based Security Framework for Supporting Migrations in Cloud Composite Services

Contact Info

Product

Resources

About