Breakpoints: An analysis of potential hypervisor attack vectors

Cloud computing is rapidly transforming the delivery of information services. It offers a scalable, reliable platform to dynamically provision computing resources for geographically distributed users. Despite the benefits of low-cost computing and infrastructure on-demand, the risk of compromised clouds detracts many potential adopters. Cloud services are rendered by virtualized operating systems called virtual machines. Virtual machines reside on specialized servers called hypervisors. Hypervisors provide a conduit to the underlying hardware and resources. Because of their important role, they also represent a prime target for attack. They not only contain virtual machines, but also grant access to hardware resources. The growing number of publicized vulnerabilities indicates that attackers have set their sights on the hypervisor. This research considers vulnerabilities in the ESXi 5.0 hypervisor platform. It focuses on attacks which escalate permissions to exploit host metadata. Four potential attacks vectors are identified and analyzed. Recommendations for coping with these increasing threats are suggested.