For virtualization, we need a virtualization layer between the host and the guest machine. This virtualization layer is called a hypervisor. It is the brain of a virtual system as it continuously monitors and manages the guest machine running on top of it.
The host machine is an actual machine that is responsible for providing resources as requested by guest machines via hypervisor. The pool of resources like storage, processing power (CPU cores), and network(I/O communication) available for distribution is limited by the resources of the host machine. The guest machine is dependent on the host machine for resources.
The guest machine is a virtual implementation of a real-world system. It is a logical realization of the computer. This uses virtual resources as allocated by the hypervisor from the existing resources of the host machine. It is similar to running multiple computers(guests) on a single computer(host).
A hypervisor is a layer of software or firmware lying between the host and the guest machine. It is also called the virtual machine monitor (VMM). Since it governs the virtual machines running on top of it. It consists of various functionalities such as:
- Resource allocation for each VM running on top of it from the resource pool.
- Various monitoring mechanisms were installed such as load balancer, automatic scaling listener, etc.
- Binary translation of OS’s running on top of it for kernel access in case of full virtualization.
Based on the presence or absence of OS there are two types of hypervisors:
- Type 1 Hypervisor
- Type 2 Hypervisor
Type1 Hypervisor
It is a bare metal hypervisor that directly runs on top of the underlying hardware of the host. Bare metal in the sense that there is no host OS in between the hypervisor and the underlying hardware. This direct placement further improves the system performance and is often used in enterprise-level applications. Furthermore, with limited software layers, the chances of an attack are minimal. For eg, Microsoft HyperV, VMware ESXi, Citrix XenServer, etc.
Type2 Hypervisor
It runs on top of the host OS and is typically used for personal purposes where the risk of security threat is lower and system performance is not an issue. For eg, VMware Workstation Player, Microsoft Virtual PC, Oracle VirtualBox, etc.
A key advantage of using a hypervisor other than managing and monitoring the virtual machine is that it makes the virtual machine independent of the underlying host. This makes virtual machines portable as VMs can be migrated from one host machine to another with a similar system configuration.
Being the primary monitoring component, the Hypervisor has the highest privilege as compared to guest machines. This often results in frequent attacks on hypervisors. Such that the higher privilege of the system can be exploited to gain wider access to the system. Due to the limited software layer in the bare metal hypervisor, the possibility of attack is minimal as compared to the attack on the type2 hypervisor. There are two possible attacks on hypervisors: attack through guest OS and attack through host OS.
Attack Through Guest OS
Consider that somehow the intruder got access to the OS of one of the VMs. Then he could send some malicious code as a request from the OS to the hypervisor. This code may compromise the hypervisor giving the attacker the higher privilege such that he could control all the machines lying above it or perform a resource exhaustion attack.
Attack Through Host OS
Consider that somehow the intruder got access to the Host OS. With access to Host OS, he has access to all the systems lying above it i.e. hypervisor, and VMs. This further increases the risk of data corruption and denial of service attacks (rejecting new VM requests).
To overcome the security issues we can use the following measures:
- Regularly update the hypervisor and OS.
- Use the least privilege policy for hypervisors such that privilege is enough to perform the functionalities but less enough to get exploited.
- Incorporation of various security monitoring mechanisms in the hypervisor.
- Implementation of strict access control policies.