The Great Arms Race For Security: Virtualization

The Great Arms Race For Security: Virtualization

Since its infancy in the early seventies when the first computer virus was created, the malware and anti-malware business has grown into multi-billion dollar industries. No longer are script kiddies creating malware for notoriety, instead the malware industry is run by organized criminals who invest time and money in new technologies and methods to compromise systems for profit.

The evolution of malware is the driver for the progress of security. Malware propagation has gone from floppy disks, to email attachments, and on to remote exploits of vulnerabilities. Malicious software itself has become more sophisticated by using kernel-level code to hide as rootkits, effectively moving down the stack. The result: an ‘arms race’ between organized criminals and security vendors. Each party reacts to changes in the industry to gain the upper hand. Take for example the growth in broadband adoption since the early 2000’s. As broadband adoption grew so too did the number of endpoints in botnets.

Security vendors process in excess of 4 billion requests per day to stop malware from propagating. However, the basic fundamentals of security have not changed in over 20 years. Malware takes advantage of exploiting vulnerabilities in operating systems and applications that run in them. The key point is that security solutions are implemented to stop malware within an operating system; however there is no such thing as a full-proof system. Security solutions operate within the confines of an operating system privilege structure. When attempting to inspect the system it is impossible to guarantee the integrity of the execution space of the security software running in the same execution space as malware. Therefore, beyond the question of whether or not a system has been compromised, it is a matter of what has not been found. With this in mind, the challenge for the security industry is to make the cost of attack so expensive that organized criminals choose different easier methods – for example basic social engineering techniques like a 451 scam.

Just as the rise of the Internet provided new opportunities for attackers, so too has virtualization and cloud technologies provided both security experts and attackers with new opportunities. With cloud computing the security challenge is even further exacerbated simply because end-users do not have access to the underlying infrastructure. Understanding how changing the infrastructure beneath endpoints affects endpoint security is elemental for security strategies. With all the benefits that virtualization brings, there are also new risks. Side channel exploitation, where a virtual machine is attacked from a neighboring virtual machine via a vulnerability are possible. This is simply due to the fact that multiple virtual machines share the same hardware via the hypervisor. In the case of cloud computing where multi-tenancy is the norm, there is no assurance that the end-user controlling a neighboring virtual machine has malicious intentions or not.

Virtualization and cloud computing is changing the security industry, both from a technology standpoint and the way it is consumed. With the benefits of a pay-as-you-grow model that cloud computing offers, end-users are able to quickly deploy IT infrastructure that addresses the business need without a large capital outlay. The security industry is evolving to meet this same licensing model requirements. However, even by meeting the needs of end-user license model requirements in the cloud; the challenge still remains the same. It is impossible to guarantee the integrity of the execution space of the security software running in the same execution space as threats.

With virtualization technology we now have the opportunity to exponentially raise the cost of attack on a system by gaining full visibility into the entire stack.

By utilizing hypervisor introspection technology it is possible to ensure the integrity of critical operating system areas, like the kernel for example. Through these introspective techniques threats are prevented from hiding or executing certain payloads within an operating system. Hypervisor introspection provides the security industry with the tooling to exponentially raise the cost of attack, by gaining full visibility into the execution space without operating in the same space that threats operate in. Similar to the movie “Minority report” where in the future criminals are arrested before they commit a crime, so too does virtualization technology enable security vendors to gain full visibility into systems and operate outside of the execution space that threats exist in.

By Gavin Hill, director of virtualization and cloud security research, Bitdefender

For over a decade, Gavin Hill has been the driver of security technologies for global organizations in markets that encompass North America, Europe, and Asia. With extensive technical-to-business experience that spans development, product management, and marketing, Hill has a proven record of success in driving first-to-market solutions. At Bitdefender, Hill is leading the product management and product marketing groups for virtualization and cloud security solutions.

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

View All Articles

Sorry, comments are closed for this post.

Digital Transformation: Miracle and Wonder

Digital Transformation: Miracle and Wonder

Digital Transformation These are the days of miracle and wonder. I’ve been leading a small, global research team at the Tau Institute for the past few years to examine the dynamics of IT adoption in more than 100 countries throughout the world. We’ve developed several indices that show how well these nations are doing on a relative basis. We ranked the nations…

Automation of Access Management Means a Happier IT Staff

Automation of Access Management Means a Happier IT Staff

Automation of Access Management One of tasks that your IT department probably really dislikes is managing the in-house and cloud user accounts and passwords for all of the employees in the company. Though this is usually an easy task, it is extremely mundane and time consuming, especially for a company that has frequent movement of…

Weighing in on Recurring Revenues to Tip Your Business’ Scale

Weighing in on Recurring Revenues to Tip Your Business’ Scale

Tip Your Business’ Scale CEOs, investors, analysts, and business advisors have fallen in love with the recurring revenue business model. In fact, when comparing like software companies, Wall Street gives 2x higher valuations for businesses with successful recurring revenue models in place. It’s no wonder that research indicates 50% of US businesses have already adopted…

What Agency Can Benefit The Most From IoT/CSP?

What Agency Can Benefit The Most From IoT/CSP?

What Agency Can Benefit The Most? I was recently giving a talk to some students when one of them asked me a question I hadn’t heard before. She said “How does the Internet of Things really impact the government? What agency benefits the most from IoT/CPS?” I paused for a moment, it is a great…

Will Your Internet of Things Device Testify Against You?

Will Your Internet of Things Device Testify Against You?

Will Your Internet of Things Device Testify Imagine this:  Your wearable device is subpoenaed to testify against you.  You were driving when you were over the legal alcohol limit and data from a smart Breathalyzer device is used against you. Some might argue that such a use case could potentially safeguard society. However, it poses…

Hybrid IT Matures Just In Time To Tackle Complex Challenges

Hybrid IT Matures Just In Time To Tackle Complex Challenges

Tackling Complex IT Challenges Sponsored by Hybrid IT: The Next Evolution in Enterprise IT, NetApp and Verizon. Today’s sophisticated business environment demands a dynamic and robust IT infrastructure which is a far cry from the closed, controlled environments that most IT departments were created to handle. A hybrid IT infrastructure, drawing services from multiple cloud-based…

Featured Sponsored Articles
The Benefits of Cloud-Based Phone Systems

The Benefits of Cloud-Based Phone Systems

Cloud-Based Phone Systems This article has been sponsored by RingCentral, provider of state-of-the-art cloud infrastructure. Although today’s businesses rely on a host of modern technology, the century-old telephone call is as essential as ever. Of course, businesses today aren’t relying on simple analog voice calls for effective interaction with partners, suppliers, colleagues, and customers, but…

Featured Sponsored Articles
Working With Cloud White Label Partners

Working With Cloud White Label Partners

Cloud White Label Services Sponsored by CloudMGR The benefits of consolidating your cloud to one of the giants such as AWS, Microsoft Azure, and Google Cloud are improving as competition increases, with pricing wars between the service providers meaning better savings for businesses utilizing these services, and an abundance of features at user fingertips as…

Featured Sponsored Articles

CloudTweaks is recognized as one of the leading influencers in cloud computing, infosec, big data and the internet of things (IoT) information. Our goal is to continue to build our growing information portal by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

Sponsor