University of Twente Student Theses
A Cross-Hypervisor Analysis of Recurrent Vulnerability Categories in Virtualization Subsystems
Culda, Alexandru Dan (2025) A Cross-Hypervisor Analysis of Recurrent Vulnerability Categories in Virtualization Subsystems.
|
PDF
618kB |
| Abstract: | This study does a quantitative meta-analysis of 1,536 vulnerabilities through means of secondary research, spanning over four major hypervisors - VMware, Xen, Hyper-V, and KVM. It uses the National Vulnerability Dataset (NVD) as the sole resource for dataset creation, gathering vulnerabilities, also referred to as Common Vulnerabilities and Exposures (CVE), from 2009 up to 2024. Moreover, this paper proposes a 6-category taxonomy based on hypervisor functionalities - CPU, Device I/O, Control & Execution, Interrupts, and Timer Mechanisms (ITM), Soft Memory Management Unit (Soft MMU), and Add-ons & Management - paired with the industry-standard Common Weakness Enumeration (CWE) classification in order to outline possible conceptual or systemic flaws present across the four hypervisors. The 1,536 vulnerabilities were classified into the six aforementioned categories using an implementation of the Self-Attention Deep Neural Network (SA-DNN) presented by Vishnu et al. because it demonstrates superior performance in vulnerability classifications. Additionally, further analysis is performed on the vulnerability distribution by category, temporal trends across the 16 years, and distribution of the 6-category taxonomy across hypervisors. The contribution of the study to the state of the art is that it introduces a novel dual-stratified classification meant to bridge the gap between granular and vendor-specific vulnerabilities and high-level systemic insights across the four major players in the virtualization market. |
| Item Type: | Essay (Bachelor) |
| Faculty: | EEMCS: Electrical Engineering, Mathematics and Computer Science |
| Subject: | 54 computer science |
| Programme: | Business & IT BSc (56066) |
| Link to this item: | https://purl.utwente.nl/essays/105178 |
| Export this item as: | BibTeX EndNote HTML Citation Reference Manager |
Show download statistics for this publication
Show download statistics for this publicationRepository Staff Only: item control page