Open Access
Subscription Access
A Novel VENOM Attack Identification Mechanism in Cloud Virtualization Environment
Abstract
This paper investigates the security issue of virtualization in the cloud computing. We focus on how to identify the VENOM attack in the cloud-computing environment, and how to protect the hypervisor from this VENOM attack. Firstly, we have implemented VENOM vulnerability in the environment of QEMU/KVM and tried to identify its behaviors (action) in the cloud. Secondly, we also tried to protect the hypervisor, which is the most vulnerability part for virtualization environment. The proposed mechanism provides identification of the VENOM attack and lock the FDC port (0x3f5), which is responsible to send I/O command to the hypervisor.
Keywords
VENOM; QEMU; Virtualization; I/O command; Malware Attack
Citation Format:
Cheick Abdoul-Kader, Shih-Hao Chang, "A Novel VENOM Attack Identification Mechanism in Cloud Virtualization Environment," Communications of the CCISA, vol. 24, no. 1 , pp. 61-72, Jan. 2018.
Cheick Abdoul-Kader, Shih-Hao Chang, "A Novel VENOM Attack Identification Mechanism in Cloud Virtualization Environment," Communications of the CCISA, vol. 24, no. 1 , pp. 61-72, Jan. 2018.
Refbacks
- There are currently no refbacks.
Published by Chinese Cryptology and Information Security Association (CCISA), Taiwan, R.O.C
CCCISA Editorial Office
E-mail: ccisa.editor@gmail.com