Security Evaluation Framework for Virtualised Environments

Abstract

With the expansion of cloud computing, virtual environments remain susceptible to sophisticated security threats, such as hypervisor vulnerabilities, VM escapes, inter-VM attacks, DoS attacks, and malware injections. Hence, ensuring that virtualised environments are secure, has become increasingly crucial. These threats are particularly affecting as many enterprises which have shifted to online services and remote work. This paper examines the existing frameworks which have been designed to address the existing challenges, their gaps and strengths; and proposes an enhanced security framework that can help to mitigate these threats. The framework was developed following an iterative process encompassing several stages. It has the hypervisor layer, virtual machine layer, network layer, management layer, and monitoring and response layer components. The framework aims to enhance detection capabilities, reduce response times, minimise system performance impact, and lower false positive rates while optimising resource utilisation by providing a practical and effective approach to securing virtualised infrastructures, thereby ensuring the resilience and reliability of cloud-based services.