• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.95-105
• /
• 2015

In this paper, we propose the security requirements for developing the security functions of server virtualization system. The security requirements are based on the security threats of server virtualization system, and we verified the validity by defending the security threats of server virtualization system. For inducting the security threats damaging server virtualization system from cloud computing security threats, we analyze and suggest the relations between security threats and security issue of server virtualization system.

• Convergence Security Journal
• /
• v.23 no.5
• /
• pp.21-27
• /
• 2023

In the cloud computing environment, servers and applications can be set up within minutes, and recovery in case of fail ures has also become easier. Particularly, using virtual servers in the cloud is not only convenient but also cost-effective compared to the traditional approach of setting up physical servers just for temporary services. However, most of the und erlying networks and security systems that serve as the foundation for such servers and applications are primarily hardwa re-based, posing challenges when it comes to implementing cloud virtualization. Even within the cloud, there is a growing need for virtualization-based security and protection measures for elements like networks and security infrastructure. This paper discusses research on enhancing the security of cloud networks using network virtualization technology. I configured a secure network by leveraging virtualization technology, creating virtual servers and networks to provide various security benefits. Link virtualization and router virtualization were implemented to enhance security, utilizing the capabilities of virt ualization technology. The application of virtual firewall functionality to the configured network allowed for the isolation of the network. It is expected that based on these results, there will be a contribution towards overcoming security vulnerabil ities in the virtualized environment and proposing a management strategy for establishing a secure network.

• Journal of Information Processing Systems
• /
• v.17 no.4
• /
• pp.801-817
• /
• 2021

Network virtualization technologies have played efficient roles in deploying cloud, Internet of Things (IoT), big data, and 5G network. We have conducted a survey on network virtualization technologies, such as software-defined networking (SDN), network functions virtualization (NFV), and network virtualization overlay (NVO). For each of technologies, we have explained the comprehensive architectures, applied technologies, and the advantages and disadvantages. Furthermore, this paper has provided a summarized view of the latest research works on challenges and solutions of security issues mainly focused on DDoS attack and encryption.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.11
• /
• pp.5588-5613
• /
• 2018

Virtualization technology has been widely applied in the area of computer security research that provides a new method for system protection. It has been a hotspot in system security research at present. Virtualization technology brings new risk as well as progress to computer operating system (OS). A multi-level perception security model using virtualization is proposed to deal with the problems of over-simplification of risk models, unreliable assumption of secure virtual machine monitor (VMM) and insufficient integration with virtualization technology in security design. Adopting the enhanced isolation mechanism of address space, the security perception units can be protected from risk environment. Based on parallel perceiving by the secure domain possessing with the same privilege level as VMM, a mechanism is established to ensure the security of VMM. In addition, a special pathway is set up to strengthen the ability of information interaction in the light of making reverse use of the method of covert channel. The evaluation results show that the proposed model is able to obtain the valuable risk information of system while ensuring the integrity of security perception units, and it can effectively identify the abnormal state of target system without significantly increasing the extra overhead.

• Journal of Convergence for Information Technology
• /
• v.11 no.10
• /
• pp.144-150
• /
• 2021

The purpose of this paper is to review the direction of the slicing security policy, which is a major consideration in the context of standardization in 5G communication network security, to derive security vulnerability diagnosis items, and to present about analyzing and presenting the issues of discussion for 5G communication network virtualization. As for the research method, the direction of virtualization security policy of 5G communication network of ENISA (European Union Agency for Cybersecurity), a European core security research institute, and research contents such as virtualization security policy and vulnerability analysis of 5G communication network from related journals were used for analysis. In the research result of this paper, the security structure in virtualization security of 5G communication network is arranged, and security threats and risk management factors are derived. In addition, vulnerability diagnosis items were derived for each security service in the risk management area. The contribution of this study is to summarize the security threat items in 5G communication network virtualization security that is still being discussed, to be able to gain insights of the direction of European 5G communication network cybersecurity, and to derive vulnerabilities diagnosis items to be considered for virtualization security of 5G communication network. In addition, the results of this study can be used as basic data to develop vulnerability diagnosis items for virtualization security of domestic 5G communication networks. In the future, it is necessary to study the detailed diagnosis process for the vulnerability diagnosis items of 5G communication network virtualization security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1247-1257
• /
• 2013

The security vulnerabilities of cloud storage virtualization environments are different from those of the existing computer system and are difficult to be protected in the existing computer system environment. Therefore we need some technical measures to address this issue. First of all, the technology used in cloud storage virtualization environment needs to be thoroughly analyzed, and also, we should understand those security requirements of various stakeholders in the view of cloud storage service and perform the research on security guidelines of the research security requirements. In this paper, we propose security requirements based on layers and roles of cloud storage virtualization. The proposed security requirements can be a basement for development of solution of cloud storage virtualization security.

• Journal of Digital Convergence
• /
• v.17 no.8
• /
• pp.221-228
• /
• 2019

The importance of security for virtualization products has been increased with the activation policy of cloud computing and it is necessary to analyze cyber security threats and develop security requirements for virtualization products to provide with more secure cloud environments. This paper is a preliminary study with the purpose of developing security functional requirements through analyzing security features and cyber security threats as well as comparison of foreign countries' cases for virtualization products. To do this, the paper compares evaluation schemes for virtualization products in US and UK foreign countries, and analyzes the cyber security threats, security objectives and security requirements in both countries. Furthermore, it proposes the essential checking items and processes for developing security functional requirements about security features of virtualization products to contribute to its more secure development and the establishment of related security evaluation standards.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.4
• /
• pp.709-720
• /
• 2013

Virtualization obfuscation makes hard to analyze the code by applying virtualization to code section. Protected code by common used virtualization obfuscation technique has become known that it doesn't have restored point and also it is hard to analyze. However, it is abused to protect malware recently. So, It is been hard to analyze and take action for malware. Therefore, this paper's purpose is analyze and take action for protected malware by virtualization obfuscation technique through implement tool which can extract virtualization structure automatically and trace execution process. Hence, basic structure and operation process of virtualization obfuscation technique will be handled and analysis result of protected malware by virtualization obfuscation utilized Equation Reasoning System, one kind of program analysis. Also, we implement automatic analysis tool, extract virtualization structure from protected executable file by virtualization obfuscation technique and deduct program's execution sequence.

• Journal of Digital Contents Society
• /
• v.16 no.1
• /
• pp.1-12
• /
• 2015

In this paper, we analyze the research trend and problems of the existing virtualization technology and present the most applicable virtualization technology in order to apply the technology to the operation of novel reliable networks. By using the virtualization technology, there is advantage in that the utilization of resource becomes higher and maintenance cost goes down. While, from the security perspective, there exist advantage in using the virtualization, it also introduces new vulnerabilities due to the adoption. Thus it is necessary to analyze the problem and establish the strategy to solve it. Therefore we derive threat elements to the virtualized system, analyze and describe the virtualization security policy.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.6
• /
• pp.33-42
• /
• 2016

Recently, the investment and study competition regarding machine running is accelerating mainly with Google, Amazon, Microsoft and other leading companies in the field of artificial intelligence. The security weakness of virtualization technology security structure have been a serious issue continuously. Also, in most cases, the internal data security depend on the virtualization security technology of platform provider. This is because the existing software, hardware security technology is hard to access to the field of virtualization and the efficiency of data analysis and processing in security function is relatively low. This thesis have applied user significant information to machine learning algorithm, created security authentication vector able to learn to provide with a method which the security authentication can be conducted in the field of virtualization. As the result of performance analysis, the interior transmission efficiency of authentication vector in virtualization environment, high efficiency of operation method, and safety regarding the major formation parameter were demonstrated.