Lecture Notes: Cloud-Based Infrastructure and Virtual Machine Security

Introduction to Cloud-Based Infrastructures

• Ability to build virtual machines (VMs) rapidly and simultaneously.
• Security concerns are elevated with the dynamic nature of VMs creation and deletion.

Managing Security in Cloud Environments

• VMs have diverse configurations:
  • Different CPUs with varying capabilities.
  • Varying memory and storage capacities.
• VMs run operating systems akin to physical devices (Windows, Linux).
  • Same security best practices apply to VMs and physical devices.

Security Vulnerabilities in Virtual Environments

• Local Privilege Escalation: Unauthorized gain of higher privilege levels.
• Command Injection: Executing arbitrary commands on a host operating system.
• Information Disclosure: Exposure of sensitive information.

VM Escape: A Critical Vulnerability

• A rare exploit allowing attackers to move between VMs on the same hypervisor.
• Example: Pwn to Own 2017 Competition:
  • Exploited Edge browser's JavaScript engine bug.
  • Gained kernel access on Windows 10.
  • Breached VMware to move between VMs.
• Importance of timely patching and updates to prevent such exploits.

Resource Reuse: A Security Concern

• Hypervisors manage allocations of resources like memory and CPU.
• Potential for resource contention:
  • Example of memory over-allocation (6GB allocated when only 4GB available physically).
  • Risk of shared memory areas between VMs.
• Bugs in hypervisor memory management can lead to data exposure.

Conclusion

• Security in cloud-based and virtual environments requires vigilant management.
• Regular updates and patches are crucial to mitigate risks and vulnerabilities.