@inproceedings{2afa798c2dfe4fe28672204e361ef24b,
title = "An empirical analysis of vulnerabilities in virtualization technologies",
abstract = "Cloud computing relies on virtualization technologies to provide computer resource elasticity and scalability. Despite its benefits, virtualization technologies come with serious concerns in terms of security. Although existing work focuses on specific vulnerabilities and attack models related to virtualization, a systematic analysis of known vulnerabilities for different virtualization models, including hypervisor-based and container-based solutions is not present in the literature. In this paper, we present an overview of the existing known vulnerabilities for hypervisor and container solutions reported in the CVE database and classified under CWE categories. Given the vulnerability identification and categorization, we analyze our results with respect to different virtualization models and license schemes (open source/commercial). Our findings show among others that hypervisors and containers share common weaknesses with most of their vulnerabilities reported in the category of security features.",
keywords = "Cloud Computing, Container, Hypervisor, Virtualization, Vulnerabilities",
author = "Antonios Gkortzis and Stamatia Rizou and Diomidis Spinellis",
year = "2016",
month = jul,
day = "2",
doi = "10.1109/CloudCom.2016.0093",
language = "English",
series = "Proceedings of the International Conference on Cloud Computing Technology and Science, CloudCom",
publisher = "IEEE",
pages = "533--538",
booktitle = "Proceedings - 8th IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2016",
address = "United States",
note = "8th IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2016 ; Conference date: 12-12-2016 Through 15-12-2016",
}