Security Challenges of Virtualization Hypervisors in Virtualized Hardware Environment

The concept of virtual machines is not new, but it is growing rapidly and gaining popularity in the IT world. Hypervisors are also popular for security as a means of isolation. Virtualizing information technology infrastructure enables IT resources to be shared and used across several devices and applications; this increases the growth of business needs. The environment created by virtualization is not restricted to any physical configuration or execution. The resources of a computer are shared logically. Hypervisors help in the virtualization of hardware: a hypervisor is software that interacts with the physical system, providing a virtualized hardware environment that supports multiple operating systems running simultaneously on one physical server. This paper explores the benefits, types and security issues of virtualization hypervisors in a virtualized hardware environment.


Introduction
Virtual machines (VMs) have existed since the 1960s, when IBM made the first ever VM to enable repeated interface access to a mainframe computer. At that time each VM was an instance of the physical machine. It was a transparent way of enabling time-sharing and resource sharing on expensive hardware. The emergence of multiprocessing and cheaper hardware in the 1970s and 1980s almost pushed VMs out of the IT world.
The increased demand for IT resources has created a vast predicament of deploying and managing IT resources on a larger scale. Cloud computing has transformed the way people use computers and how services are run. Cloud Service Providers (CSPs) are able to provide IT infrastructure to meet the demand from cloud users by simply leasing infrastructure from the infrastructure provider. This is achieved by the infrastructure provider using virtualization, where customers of the cloud service share the same physical services, which are virtualized logically. A hypervisor can be run in two ways: it can run directly on the hardware, which is called Type-1 or bare-metal virtualization, or it can run on top of a host machine operating system, which is known as Type-2 or hosted virtualization [1]. The native or bare-metal hypervisor is more robust and efficient and delivers greater scalability than a hosted hypervisor, because the bare-metal hypervisor has direct access to the hardware resources of the host machine rather than sitting on top of the host machine operating system. There are a number of ways of implementing virtualization; two approaches stand out, Full Virtualization (FV) and Para-virtualization (PV) [2]. Among the different commercial hypervisors available, the Xen hypervisor or virtualization solution can host both full and para-virtualization [2] [3]. The purpose of this paper is to carefully study the security issues of virtualization hypervisors, their types, implementation and benefits.
This paper is organized as follows: Section 2 describes virtualization hypervisors together with their implementation; Section 3 discusses the types of hypervisor and compares various commercial hypervisors; Section 4 presents the types of virtualization; Section 5 highlights several advantages of virtualization; Section 6 shows the security features of virtualization; and finally there is a conclusion.
The hypervisor, also known as the Virtual Machine Monitor (VMM), is the basic software for providing virtualization. Virtualization creates the environment for various operating systems to run on a single node, host computer or machine. The main purpose of the hypervisor (VMM) is to monitor the Virtual Machines (VMs) that run above the VMM. This enables more than one guest machine to utilize the hardware resources of a single host machine [4]. Hypervisors are classified into two types: Native or Bare Metal, and Hosted hypervisors. Virtualization through the implementation of a VMM reduces cost, space requirements, etc. There are various models of virtualization available, but it all depends on the hypervisor's role. The unique security features and advantages of virtualization have increased the line of research in virtualization [5]-[14]. Several implementations of virtual machines have been used to monitor and protect the operating system kernel, such as Livewire, which is applied for malware detection monitoring [5]-[15], SecVisor [13]-[15], NICKLE [11]-[15], VMwatcher [2]-[15], Lares [4]-[15], HookSafe [11]-[15], and SIM [9]-[15]; they all utilize virtualization to protect the integrity and behavior of the guest machine's operating system kernel. Other uses of virtualization have been integrated into debugging and analysis tools such as K-Tracer [6]-[15], PoKer [8]-[15], and AfterSight [15]; they all examine system and kernel anomalies.
Figure 1 shows a virtual environment, where the hypervisor is right above the host hardware and virtualizes guest machines with the full capability, or more, of the host machine.

Virtualization Hypervisors
Virtualization allows multiple applications or operations to gain access to the hardware and software resources of the host machine. Virtualization is a layer between the hardware and the operating system, and it also provides access transparency. The hypervisor, also known as the Virtual Machine Monitor (VMM), manages the applications and the operating system in general. The VMM creates a path which allows multiple instances of the same operating system to run on the host machine as well, with the hypervisor managing the resources among the hardware requirements of the various operating systems. According to [16], the virtual machine originated from the PR/SM hypervisor built for IBM 370 mainframe systems in 1970. In memory virtualization, an application or software in the computer gains access to more memory than what is physically installed; in the same way, other IT infrastructure can also be virtualized to increase the productivity, efficiency, and effectiveness of the corresponding application. Such infrastructure includes networks, storage, memory, server hardware, laptop hardware, operating systems and applications alike. Figure 2 shows a host machine before virtualization: it runs a single operating system image per machine, with software and hardware resources per machine; resources are not fully used; the infrastructure is inflexible and costly; and running more than one instance of an application on the same machine often causes application conflicts.
Figure 3 depicts a virtualized computer that can host more than one operating system in its virtualized environment, running at the same time; virtual machines can be deployed on any system and do not rely on the operating system or hardware of the host. Virtual infrastructure gives administrators the upper hand in handling resources pooled across the enterprise at large, allowing IT managers to focus and be more responsive to changing IT needs in an organization by utilizing the power of virtualization. Virtualization can be used and implemented in many ways, among which are:
a) Server Consolidation: This combines or centralizes the workloads of various physical machines that are not fully used onto fewer machines that can run safely and transparently over shared hardware infrastructure, and also increases the overall utilization of the server from 5%-15% to 60%-80% [17].
e) Debugging: The virtual environment can help in debugging complicated applications or software such as an operating system or a device driver. This is achieved by allowing the user to execute the software in a virtualized environment with full control of the software available in the environment, giving the programmer or developer the perfect environment for debugging.
f) Multiple Simultaneous Operating Systems: Virtualization provides the facility of having and running more than one operating system simultaneously, and also having different applications according to the users' demands, as shown in Figure 6. The guest machine runs on the virtualization application or software, which in turn runs above the host machine operating system.
g) Business Continuity: This is achieved by putting the entire system's files into a single file that can be replicated and restored on any server. This reduces downtime.
h) Sandboxing: Virtual machines help in providing secure and isolated environments for less trusted applications in the virtualized operating system. Virtualization helps in creating a secure computing environment.
i) Software Migration: This eases the migration or moving of software from one server to another, thereby helping mobility.
Virtualization has been part of the IT environment for decades. Today, virtual machines can be used at any system layer, ranging from hardware and operating system to high-level language virtualization, etc.

Types of Hypervisors
A hypervisor, as stated earlier, is software that manages different operating systems, or different instances of the same operating system, on one physical computer or host machine. There are two distinct types, namely Type 1: Native or Bare Metal, and Type 2: Hosted hypervisors.

Type 1: Native or Bare Metal Hypervisor
These are software that runs directly above the hardware of the host machine. The hypervisor also monitors the operating system that runs directly above it and the operating system that runs on the guest machine. This is because the guest machine operating system runs on a different or isolated level that is directly above the hypervisor. Examples are Oracle VM, Microsoft Hyper-V, VMware ESX and Xen [18], as shown in Figure 7.

Type 2: Hosted Hypervisor
The hypervisor is hosted or installed on an already existing operating system, and it houses other operating systems above it. In this type of hypervisor, any problem occurring with the host operating system will affect the guest machine operating system that is running on the hypervisor, and it also affects the hypervisor itself, although sometimes the hypervisor running above the operating system might be secured but the guest operating system would not be. As shown in Figure 8, the host operating system has an additional layer above it where the hypervisor resides, and a third layer is above the hypervisor. Examples are Oracle VM VirtualBox, VMware Server and Workstation, Microsoft Virtual PC, KVM, QEMU and Parallels [18]-[20].
The hosted hypervisor architecture relies on the host operating system for device support and physical resource management. Originally hypervisors were developed to suit server platforms; later on, the virtualization of desktop and PC operating systems was achieved. A challenge that held back the virtualization of PC operating systems was the virtualization of the x86-based CPU architecture [21]. In virtualizing the x86-based CPU architecture, a VMM is required below the host machine operating system and above the hardware. Table 1 shows different commercial hypervisors with common characteristics.

Types of Virtualization
There are numerous types of virtualization available in the IT world; in the course of this research we are going to highlight some important ones that are currently applicable.
a) Hardware Virtualization: This is the creation of a virtual machine that acts in the way of a real computer with an operating system. The software that has been installed is separate from the one on the hardware infrastructure [22]. For example, a host machine can virtualize a guest machine running the Linux operating system with the corresponding operating system software installed on it [23].

Types of Hardware Virtualization
• Full Virtualization: In this type of virtualization, a complete look-alike of the real hardware is virtualized to allow the software (consisting of the guest operating system) to function without any modification [24], as shown in Figure 9.
• Partial Virtualization: In this type of virtualization, not all of the host machine hardware is actually simulated (given a look-alike). This causes some programs in the guest machine to need modification to run in the virtualized environment [24]. This is shown in Figure 10.
• Para-Virtualization: This does not emulate the hardware environment in software; instead it organizes access to hardware resources on behalf of the virtual machine [25]. The para-virtualized type of hardware virtualization offers possible performance benefits when a guest machine operating system is running in the virtualized environment with modifications made to the guest that is being virtualized [26]. An example of para-virtualization software is the Xen open source virtualization software [25] [26]. This is shown in Figure 11.
a) Application Virtualization: This is the virtualization of applications on the host machine without modifying the host machine or the OS, file system, or registry. With application virtualization technology, organizations can easily deploy custom or commercial applications across the organization without installation conflicts, system changes, etc. Some benefits of application virtualization are:
• It ensures faster spread of the software.
• Full Portability: Applications that are virtualized can be accessed and shared from any network without the aid of a local server.
• Increased efficiency of application deployment.
• Supportability: A virtualized application does not require modifications of administrative or security permissions for installation [27].
Figure 12 shows how an application is virtualized.
b) Operating System Virtualization: In this technology the host machine desktop is totally moved from the real or physical operating system into a virtualized environment. The host machine is physically present, but the virtualized operating system is hosted on another server elsewhere. Users of the virtualized operating system can make various kinds of modification to their copy of the virtualized operating system without other virtualized OSes being affected [28]. Figure 13 depicts how a virtual operating system is achieved. The host machine houses the host operating system, the virtualization software runs just above the host operating system, and the virtualized OS is deployed above the virtualization software.
c) Nested Virtualization: This virtualization architecture enables the deployment of a virtual machine within another virtual machine [29], that is, the running of one or more hypervisors within another hypervisor [30]. In nested virtualization, the hypervisor that is on the host machine is known as Level 0 or L0; the hypervisor that runs on the guest machine of L0 is known as Level 1 or L1; while the hypervisor that runs on L1 is known as Level 2 or L2 [31]. Figure 14 illustrates nested virtualization, whereby one machine can host several servers virtually.
d) Memory Virtualization: Memory virtualization enables applications to take advantage of a shared memory pool to increase overall performance, usability, memory usage efficiency, stability, etc. Memory virtualization shares a large pool of physical memory from more than one machine logically or virtually for applications to use [32]. Figure 15 shows the memory virtualization process from the host machine to the guest machine and to the application running in the guest machine (virtualized machine). Some benefits of memory virtualization include [32]:
• It improves the utilization of memory through the sharing of resources that are scarce.
• It increases overall efficiency and reduces the run time of data-intensive applications.
• It enables applications that run on various servers to share data without reducing or decreasing the total memory needs.
• It provides faster access and reduces latency.
Figure 16 shows how an operating system connects to a memory pool and makes the pool memory available to applications [32].

Advantages of Virtualization
• Security: A security breach on one of the virtual machines does not affect the other VMs because of isolation. This is achieved by the different compact environments that have different or separate security measures in the
• Reliability and Availability: When there is a software failure in one virtual machine or guest machine, it does not affect other virtual machines.
• Cost: Virtualization is cost effective because it combines small servers into a more powerful server. The cost effectiveness of virtualization extends to hardware, operations (manpower), floor space, and software licenses. The cost reduction from virtual machines ranges from 29% to 64% [33].
• Adaptability to Workload Differences: In virtualization, when the workload changes or varies, the workload degree can be optimized easily by shifting resources and priority allocations between or among virtual machines [33]. Processors can also be moved from one virtual machine to another [34].
• Load Balancing: The software state of a VM is relatively condensed by the hypervisor; this makes it possible to migrate the entire virtual machine to another platform, which improves load balancing [35].
• Legacy Applications: This enables the running of legacy applications on an old OS in the guest machines. For example, if an enterprise decides to migrate to a different OS, it is possible to maintain the old legacy applications on the old VM or guest machine.

Virtualization Security
In a virtualized environment, the various guest machines have independent security zones which are not accessible from other VMs, which also have their own security zones. The hypervisor also has its own security zone because it is the main controller of what happens inside the virtualization environment of the host machine. The functioning of a VM host can be affected by a hypervisor [36]. Multiple zones are available in a VM, and all these zones occur within the same physical infrastructure. This can create a security problem when the hypervisor is attacked and taken over by the attacker. When such an attack is successful, the attacker gains full control over all data in the hypervisor environment. Another security problem is access to the hypervisor from the guest machine or VM level [37].

Abstraction
In a virtual machine, the abstraction level adds additional security to the hypervisor. The OS restricts hardware access in the VM by abstracting the hardware details. This is the reason why the same OS can be started on two machines with different configurations. The VM creates an abstraction of the hardware and OS. As Figure 17 shows, the guest OS running inside a VM cannot tell the host machine's OS or hardware configuration at all. Because hypervisors are much simpler in operation than a native or traditional OS, they are much easier to secure [38].

Isolation
The hypervisor creates segments of the physical resources and isolates them, allowing each guest machine to run self-sufficiently. If an attack occurs on a VM, it would not affect other guest machines on the VMM or the host machine OS. The isolation of VMs gives an additional level of security to the VM. When a virtual machine is compromised, the hypervisor can restore the VM to an earlier state from before the attack.

State Restore
Virtual machines are capable of restoring a guest OS to an earlier time. At a time interval, VMs take a snapshot of the contents of the virtual disk. State restore helps to guarantee data integrity and acts as virus removal.
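A sketch of the snapshot-and-restore mechanism described here and under Isolation, added as an illustration and not taken from the paper or from any hypervisor. The block size, the `SnapshotStore` class and the in-memory "virtual disk" are assumptions made for the example; the disk contents are constructed.

```python
import hashlib

BLOCK = 4096  # assumed virtual-disk block size (constructed for this sketch)


def digest(block):
    return hashlib.sha256(block).hexdigest()


class SnapshotStore:
    """Kept by the hypervisor, outside every guest, so code running inside a
    compromised VM cannot reach the saved blocks or their digests."""

    def __init__(self):
        self.blocks = {}     # digest -> block contents, shared across snapshots
        self.snapshots = []  # snapshot id -> (disk size, per-block digest list)

    def take(self, disk):
        """Record the current virtual disk; returns the snapshot id."""
        digests = []
        for off in range(0, len(disk), BLOCK):
            blk = bytes(disk[off:off + BLOCK])
            d = digest(blk)
            self.blocks.setdefault(d, blk)   # identical blocks are stored once
            digests.append(d)
        self.snapshots.append((len(disk), digests))
        return len(self.snapshots) - 1

    def changed_blocks(self, disk, snap_id):
        """Indexes of blocks whose contents differ from the snapshot."""
        size, digests = self.snapshots[snap_id]
        if len(disk) != size:
            raise ValueError("disk was resized since the snapshot")
        return [i for i, d in enumerate(digests)
                if digest(bytes(disk[i * BLOCK:(i + 1) * BLOCK])) != d]

    def restore(self, disk, snap_id):
        """Roll the disk back in place; returns the blocks that were rewritten."""
        changed = self.changed_blocks(disk, snap_id)
        _, digests = self.snapshots[snap_id]
        for i in changed:
            saved = self.blocks[digests[i]]
            disk[i * BLOCK:i * BLOCK + len(saved)] = saved
        return changed


def demo():
    # Constructed 4-block guest disk; block 2 stands in for a system binary.
    disk = bytearray(b"".join(bytes([n]) * BLOCK for n in range(4)))
    clean = bytes(disk)
    store = SnapshotStore()
    snap = store.take(disk)

    # Simulated compromise: something inside the guest rewrites block 2.
    disk[2 * BLOCK:2 * BLOCK + 8] = b"TAMPERED"

    detected = store.changed_blocks(disk, snap)
    store.restore(disk, snap)
    return detected, bytes(disk) == clean, len(store.blocks)


if __name__ == "__main__":
    print(demo())
```

Only the blocks that differ from the snapshot are rewritten, which is why rollback is cheap compared with reinstalling the guest.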

External Monitoring
Virtual machines run on separate hardware resources, which makes it possible to detect malicious software from outside the VM, unlike the physical installation of an OS on a host, which requires an antivirus for protection. The hypervisor, or a special virtual machine, monitors the VM and can view the system's activity and check for anomalies. Figure 18 illustrates how a dedicated VM is used to monitor the activities of other VMs.
These dedicated monitors are used in intrusion detection systems, integrity checking, forensic analysis, etc. [39]. Some other security benefits of virtualization are:
• The centralized storage used in virtual machine environments prevents loss of data when a device is either
• Server virtualization can lead to better handling of threats due to its ability to roll back to a working state from before the attack or threat occurred.
• Desktop virtualization helps to better control the virtualization environment. Better control of the OS is achieved using desktop virtualization to meet organizational needs.
• Virtual switches are not open to inter-switch link tagging attacks because they do not carry out dynamic trunking; double encapsulation packets are dropped by the virtual switch, which prevents double encapsulation attacks; and the virtual switch does not allow data packets to leave its route or domain, so brute force attacks do not work on them.
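The double-encapsulation check mentioned in the last bullet, as an added example that is not from the paper or from any vendor's virtual switch: it walks the stacked 802.1Q/802.1ad tags of an Ethernet frame and drops any frame that carries more than one. `vlan_stack`, `ingress_verdict` and `sample_frame` are hypothetical names, and the sample frames are constructed.

```python
import struct

# Tag protocol identifiers that introduce a VLAN tag: 802.1Q and 802.1ad.
TPIDS = {0x8100, 0x88A8}


def vlan_stack(frame):
    """Return the VLAN IDs of all stacked tags, outermost first."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    vids, off = [], 12                 # EtherType/TPID follows the two MACs
    while True:
        if off + 2 > len(frame):
            raise ValueError("truncated EtherType")
        (etype,) = struct.unpack_from("!H", frame, off)
        if etype not in TPIDS:
            return vids                # reached the real payload EtherType
        if off + 4 > len(frame):
            raise ValueError("truncated VLAN tag")
        (tci,) = struct.unpack_from("!H", frame, off + 2)
        vids.append(tci & 0x0FFF)      # low 12 bits of the TCI are the VLAN ID
        off += 4


def ingress_verdict(frame):
    """Policy of the hypothetical switch in this sketch: drop malformed
    frames and any frame with more than one VLAN tag."""
    try:
        vids = vlan_stack(frame)
    except ValueError as exc:
        return "drop", str(exc)
    if len(vids) > 1:
        return "drop", "double encapsulation, tags %s" % vids
    return "forward", "tags %s" % vids


def sample_frame(vids, payload=b"\x00" * 46):
    """Constructed test frame: fixed locally administered MACs, one 802.1Q
    tag per entry in vids, IPv4 EtherType, zero-filled payload."""
    macs = bytes.fromhex("020000000002") + bytes.fromhex("020000000001")
    tags = b"".join(struct.pack("!HH", 0x8100, vid) for vid in vids)
    return macs + tags + struct.pack("!H", 0x0800) + payload


if __name__ == "__main__":
    for vids in ([], [10], [1, 20]):
        print(vids, ingress_verdict(sample_frame(vids)))
    print("cut short", ingress_verdict(sample_frame([10])[:15]))
```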

Conclusions
Today IT has expanded, and the cloud environment runs various virtual machines for its infrastructure and applications. We discussed the various types of virtualization that are available in the virtual environment, some of which are hardware virtualization, application virtualization, memory virtualization, operating system virtualization, etc. These types of virtualization help in the utilization of virtualized resources or infrastructure. Also, in this research we identified the types of hypervisors and how they are deployed in the virtualized environment: the Native or Bare Metal hypervisor runs directly on the host machine hardware, and the Hosted hypervisor runs on a traditional OS or the host machine OS. A comparative table was drawn to show the differences and similarities between some of the commercial hypervisors available.
Virtualization technologies deliver numerous vital features that make virtualization a powerful tool to be used in a wide array of applications. Some of them are server consolidation, application sandboxing, access to varieties of hardware and OS, debugging, mobile computing, packaging (for appliances), testing, easy system administration, and quality of service. These important features have given virtualization a widespread research area in academia as well as industry. Our future research will focus mainly on the security challenges of virtualization hypervisors and how these challenges can be solved correspondingly.

Figure 4 illustrates server consolidation virtualization, where different physical servers are virtualized into one physical server and then virtualized as different servers, increasing its efficiency, workability, speed, etc.
b) Application Consolidation: This gives legacy or outdated applications the environment to utilize new hardware and operating systems by virtualizing the new hardware and providing access for other guest machines to utilize the application.
c) Multiple Execution: Virtualization can help create more than one environment for program or application execution, and the quality of service can also be increased by ensuring that a specific amount of resources is allocated appropriately.
d) Virtual Hardware: Hardware that is unavailable to users can be provided by virtualizing it. Examples of such hardware are SCSI drivers, virtual Ethernet adapters, virtual Ethernet switches, hubs, etc., as shown in Figure 5.