A Systematic Review of Vulnerabilities in Hypervisors and Their Detection

Litchfield, A
Shahzad, A
Item type
Conference Contribution
Degree name
Journal Title
Journal ISSN
Volume Title
Association for Information Systems (AIS)

The paper presents a systematic review of risk assessment processes to provide an overview of the risks to cloud computing and identify future research directions. This paper also provides an analysis of sophisticated threats to hypervisors and highlights vulnerabilities and exploits. Virtualization is a core feature of Cloud Computing and it is often a target for attackers. The hypervisor, which provides thevirtualization layer, if compromised, can result in loss or damage to critical assets owned by Cloud Service Providers and their customers. The exploitation of hypervisor vulnerabilities provide opportunities for an attacker to launch sophisticated attacks such as Cross-VM Side Channel, Denial of Service, and Hypervisor Escape. The rate of adoption of cloud services is reflected in the lack of security controls against such sophisticated attacks and the resulting lack of trust, therefore we argue that risk assessment for hypervisors’ is significant for Cloud Service Providers.

Hypervisor; Vulnerabilities; Risk assessment; Vulnerability exploits; Vulnerability assessment; Zero-day threat
Published in 23rd Americas Conference on Information Systems (AMCIS) 2017 Proceedings, Information Systems Security and Privacy (SIGSEC), Retrieved from: https://aisel.aisnet.org/amcis2017/InformationSystems/Presentations/3/
Rights statement
AIS has a green Open Access Policy. Authors may immediately self-archive their articles without an embargo period when publishing.