NCI WEBSITE
NORMA eResearch @NCI Library

Enhancing Virtualization Security in Oracle VirtualBox: Investigating VM Escape Vulnerabilities and Mitigations

Tools

Jacob, Joshua Chakko (2023) Enhancing Virtualization Security in Oracle VirtualBox: Investigating VM Escape Vulnerabilities and Mitigations. Masters thesis, Dublin, National College of Ireland.

[thumbnail of Master of Science]
Preview
 PDF (Master of Science)
Download (676kB) | Preview
[thumbnail of Configuration manual]
Preview
 PDF (Configuration manual)
Download (786kB) | Preview

Abstract

Virtualization has transformed computing landscapes, enabling multiple operating systems to run on a single physical host, often using hypervisors like Oracle VirtualBox. However, this advancement introduces security challenges due to shared resources, such as RAM and storage (Administrator., 2013). This research project focuses on virtualization security within Oracle VirtualBox, particularly vulnerabilities leading to Virtual Machine (VM) escape. It delves into risks linked to misconfigured shared folders between the host and guest OS. The study begins by explaining virtualization security concepts and the impact of shared folder misconfigurations (Misconfigured Cloud Services Pose High Security Risks for Organizations - Wiadomości bezpieczeństwa, no date). It demonstrates a scenario where a Guest OS interacts with the Host OS via a shared folder, inadvertently exposing vulnerabilities that enable unauthorized code execution on the host by the Guest OS. To mitigate these threats, a security certificate requiring authorization for host system actions initiated from the Guest OS is proposed. Experimental evidence highlights the effectiveness of this approach in enhancing security. This research addresses vulnerabilities in Oracle VirtualBox, contributing to the understanding of virtualization security. It emphasizes the significance of securing shared folder communications, offering insights into VM escape risks, and presenting a practical solution to prevent unauthorized actions. The project bridges theoretical vulnerabilities with real-world solutions, underscoring the critical importance of virtualization security. This work serves as a valuable resource for IT administrators, researchers, and practitioners aiming to establish secure virtualized environments:

Item Type: Thesis (Masters)
Supervisors:
Name
Email
Aleburu, Joel
UNSPECIFIED
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Tamara Malone
Date Deposited: 22 Oct 2024 14:30
Last Modified: 22 Oct 2024 14:30
URI: https://norma.ncirl.ie/id/eprint/7124

Actions (login required)

View Item View Item