AUEB Library - Digital Repository

PYXIDA Institutional Repository
and Digital Library

Username
Password

Collections :	Ιδρυματικό Αποθετήριο ΟΠΑ / AUEB Institutional Repository Σχολή Διοίκησης Επιχειρήσεων / School of Business Τμήμα Διοικητικής Επιστήμης και Τεχνολογίας / Department of Management Science and Technology Ανακοινώσεις σε Επιστημονικά Συνέδρια / Conference papers

Title :	An empirical analysis of vulnerabilities in virtualization technologies

Creator :	Gkortzis, Antonios Rizou, Stamatia Spinellis, Diomidis

Type :	Text

Notes :	dx.doi.org/https://doi.org/10.1109/CloudCom.2016.0093

Extent :	6p.

Language :	en

Identifier :	http://www.pyxida.aueb.gr/index.php?op=view_object&object_id=11609

Bibliographic Citation :	Published in 2016 IEEE International Conference on Cloud Computing Technology and Science (CloudCom)

Abstract :	Cloud computing relies on virtualization technologies to provide computer resource elasticity and scalability. Despite its benefits, virtualization technologies come with serious concerns in terms of security. Although existing work focuses on specific vulnerabilities and attack models related to virtualization, a systematic analysis of known vulnerabilities for different virtualization models, including hypervisor-based and container-based solutions is not present in the literature. In this paper, we present an overview of the existing known vulnerabilities for hypervisor and container solutions reported in the CVE database and classified under CWE categories. Given the vulnerability identification and categorization, we analyze our results with respect to different virtualization models and license schemes (open source/commercial). Our findings show among others that hypervisors and containers share common weaknesses with most of their vulnerabilities reported in the category of security features.

Abstract :

Cloud computing relies on virtualization technologies to provide computer resource elasticity and scalability. Despite its benefits, virtualization technologies come with serious concerns in terms of security. Although existing work focuses on specific vulnerabilities and attack models related to virtualization, a systematic analysis of known vulnerabilities for different virtualization models, including hypervisor-based and container-based solutions is not present in the literature. In this paper, we present an overview of the existing known vulnerabilities for hypervisor and container solutions reported in the CVE database and classified under CWE categories. Given the vulnerability identification and categorization, we analyze our results with respect to different virtualization models and license schemes (open source/commercial). Our findings show among others that hypervisors and containers share common weaknesses with most of their vulnerabilities reported in the category of security features.

Subject :	IT security Virtualization Vulnerabilities Hypervisor Common Vulnerabilities and Exposures (CVE)

Date Available :	2024-10-25 11:51:22

Date Issued :	2016

Date Submitted :	2024-10-25 11:51:22

References :	A. Gkortzis, S. Rizou and D. Spinellis, "An Empirical Analysis of Vulnerabilities in Virtualization Technologies," 2016 IEEE International Conference on Cloud Computing Technology and Science (CloudCom), Luxembourg, Luxembourg, 2016, pp. 533-538, doi: 10.1109/CloudCom.2016.0093.

Access Rights :	Free access

Licence :

File: Gkortzis_Rizou_Spinellis_2016.pdf

Type: application/pdf

Login