{"id":"https://openalex.org/W2743348030","doi":"https://doi.org/10.1109/cybersa.2017.8073397","title":"A methodology for testing virtualisation security","display_name":"A methodology for testing virtualisation security","publication_year":2017,"publication_date":"2017-06-01","ids":{"openalex":"https://openalex.org/W2743348030","doi":"https://doi.org/10.1109/cybersa.2017.8073397","mag":"2743348030"},"language":"en","primary_location":{"id":"doi:10.1109/cybersa.2017.8073397","is_oa":false,"landing_page_url":"https://doi.org/10.1109/cybersa.2017.8073397","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://rke.abertay.ac.uk/en/publications/11f3456c-8642-47f9-86e1-eeff9718b29f","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5005860837","display_name":"Scott E. Donaldson","orcid":"https://orcid.org/0000-0002-1137-4791"},"institutions":[{"id":"https://openalex.org/I877506347","display_name":"Abertay University","ror":"https://ror.org/04mwwnx67","country_code":"GB","type":"education","lineage":["https://openalex.org/I877506347"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Scott Donaldson","raw_affiliation_strings":["Division of Computing and Maths, University of Abertay Dundee, Dundee, UK"],"affiliations":[{"raw_affiliation_string":"Division of Computing and Maths, University of Abertay Dundee, Dundee, UK","institution_ids":["https://openalex.org/I877506347"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5045795185","display_name":"Natalie Coull","orcid":"https://orcid.org/0000-0003-0681-9888"},"institutions":[{"id":"https://openalex.org/I877506347","display_name":"Abertay University","ror":"https://ror.org/04mwwnx67","country_code":"GB","type":"education","lineage":["https://openalex.org/I877506347"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Natalie Coull","raw_affiliation_strings":["Division of Computing and Maths, University of Abertay Dundee, Dundee, UK"],"affiliations":[{"raw_affiliation_string":"Division of Computing and Maths, University of Abertay Dundee, Dundee, UK","institution_ids":["https://openalex.org/I877506347"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5047114095","display_name":"David McLuskie","orcid":null},"institutions":[{"id":"https://openalex.org/I877506347","display_name":"Abertay University","ror":"https://ror.org/04mwwnx67","country_code":"GB","type":"education","lineage":["https://openalex.org/I877506347"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"David McLuskie","raw_affiliation_strings":["Division of Computing and Maths, University of Abertay Dundee, Dundee, UK"],"affiliations":[{"raw_affiliation_string":"Division of Computing and Maths, University of Abertay Dundee, Dundee, UK","institution_ids":["https://openalex.org/I877506347"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5005860837"],"corresponding_institution_ids":["https://openalex.org/I877506347"],"apc_list":null,"apc_paid":null,"fwci":0.8306,"has_fulltext":false,"cited_by_count":6,"citation_normalized_percentile":{"value":0.8067236,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"8"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.988099992275238,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.9848999977111816,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/hypervisor","display_name":"Hypervisor","score":0.9545269012451172},{"id":"https://openalex.org/keywords/virtualization","display_name":"Virtualization","score":0.8996538519859314},{"id":"https://openalex.org/keywords/virtual-machine","display_name":"Virtual machine","score":0.8645726442337036},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7864470481872559},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.6904736757278442},{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.6228368878364563},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.5718618631362915},{"id":"https://openalex.org/keywords/hardware-virtualization","display_name":"Hardware virtualization","score":0.5071649551391602},{"id":"https://openalex.org/keywords/full-virtualization","display_name":"Full virtualization","score":0.5003139972686768},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3535550534725189},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.3311079144477844},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.2405809462070465}],"concepts":[{"id":"https://openalex.org/C112904061","wikidata":"https://www.wikidata.org/wiki/Q1077480","display_name":"Hypervisor","level":4,"score":0.9545269012451172},{"id":"https://openalex.org/C513985346","wikidata":"https://www.wikidata.org/wiki/Q270471","display_name":"Virtualization","level":3,"score":0.8996538519859314},{"id":"https://openalex.org/C25344961","wikidata":"https://www.wikidata.org/wiki/Q192726","display_name":"Virtual machine","level":2,"score":0.8645726442337036},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7864470481872559},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.6904736757278442},{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.6228368878364563},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.5718618631362915},{"id":"https://openalex.org/C68793194","wikidata":"https://www.wikidata.org/wiki/Q1616095","display_name":"Hardware virtualization","level":5,"score":0.5071649551391602},{"id":"https://openalex.org/C47878483","wikidata":"https://www.wikidata.org/wiki/Q848333","display_name":"Full virtualization","level":4,"score":0.5003139972686768},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3535550534725189},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.3311079144477844},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.2405809462070465}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/cybersa.2017.8073397","is_oa":false,"landing_page_url":"https://doi.org/10.1109/cybersa.2017.8073397","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA)","raw_type":"proceedings-article"},{"id":"pmh:oai:rke.abertay.ac.uk:openaire_cris_publications/11f3456c-8642-47f9-86e1-eeff9718b29f","is_oa":true,"landing_page_url":"https://rke.abertay.ac.uk/en/publications/11f3456c-8642-47f9-86e1-eeff9718b29f","pdf_url":null,"source":{"id":"https://openalex.org/S4306402526","display_name":"Abertay Research Portal (Abertay University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I877506347","host_organization_name":"Abertay University","host_organization_lineage":["https://openalex.org/I877506347"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"acceptedVersion","is_accepted":true,"is_published":false,"raw_source_name":"Donaldson , S , Coull , N &amp; McLuskie , D 2017 , A methodology for testing virtualisation security . in Proceedings of the International Conference On Cyber Situational Awareness, Data Analytics And Assessment (CyberSA) . 2017 International Conference on Cyber Situational Awareness, Data Analytics and Assessment , London , United Kingdom , 19/06/17 . https://doi.org/10.1109/CyberSA.2017.8073397","raw_type":"contributionToPeriodical"}],"best_oa_location":{"id":"pmh:oai:rke.abertay.ac.uk:openaire_cris_publications/11f3456c-8642-47f9-86e1-eeff9718b29f","is_oa":true,"landing_page_url":"https://rke.abertay.ac.uk/en/publications/11f3456c-8642-47f9-86e1-eeff9718b29f","pdf_url":null,"source":{"id":"https://openalex.org/S4306402526","display_name":"Abertay Research Portal (Abertay University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I877506347","host_organization_name":"Abertay University","host_organization_lineage":["https://openalex.org/I877506347"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"acceptedVersion","is_accepted":true,"is_published":false,"raw_source_name":"Donaldson , S , Coull , N &amp; McLuskie , D 2017 , A methodology for testing virtualisation security . in Proceedings of the International Conference On Cyber Situational Awareness, Data Analytics And Assessment (CyberSA) . 2017 International Conference on Cyber Situational Awareness, Data Analytics and Assessment , London , United Kingdom , 19/06/17 . https://doi.org/10.1109/CyberSA.2017.8073397","raw_type":"contributionToPeriodical"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":4,"referenced_works":["https://openalex.org/W1991106358","https://openalex.org/W2082988715","https://openalex.org/W2149886445","https://openalex.org/W2256307994"],"related_works":["https://openalex.org/W2005435933","https://openalex.org/W2413559826","https://openalex.org/W2017036943","https://openalex.org/W2179519055","https://openalex.org/W2549930939","https://openalex.org/W2747005099","https://openalex.org/W2050621158","https://openalex.org/W1775827617","https://openalex.org/W2761289806","https://openalex.org/W2102844359"],"abstract_inverted_index":{"There":[0],"is":[1,103,150,220],"a":[2,82,87,221,244],"growing":[3],"interest":[4],"in":[5,12,44,193,204],"virtualisation":[6,149],"due":[7],"to":[8,29,84,105,115,126,153,238],"its":[9],"central":[10],"role":[11],"cloud":[13,24],"computing,":[14],"virtual":[15,53,88,110,129,222],"desktop":[16],"environments":[17],"and":[18,23,76,93,124,138,168,178],"Green":[19],"IT.":[20],"Data":[21],"centres":[22],"computing":[25],"utilise":[26],"this":[27,66,101,205],"technology":[28],"run":[30],"multiple":[31],"operating":[32],"systems":[33],"on":[34,51,56,132,185],"one":[35],"physical":[36],"server,":[37],"thus":[38],"reducing":[39],"hardware":[40],"costs.":[41],"However,":[42,199],"vulnerabilities":[43,123,154],"the":[45,70,78,107,117,128,145,156,173,188,194,201,218,241],"hypervisor":[46,195],"layer":[47],"have":[48],"an":[49,60,212],"impact":[50],"any":[52],"machines":[54],"running":[55],"top,":[57],"making":[58],"security":[59,71,108,118,192,242],"important":[61],"part":[62],"of":[63,72,109,121,148,243],"virtualisation.":[64],"In":[65],"paper,":[67],"we":[68],"evaluate":[69,106,116],"virtualisation,":[73],"including":[74],"detection":[75],"escaping":[77],"environment.":[79,246],"We":[80],"present":[81],"methodology":[83,102,203,234],"investigate":[85],"if":[86],"machine":[89,219],"can":[90,214,235],"be":[91,226,236],"detected":[92],"further":[94,229],"compromised,":[95],"based":[96],"upon":[97],"previous":[98,162],"research.":[99],"Finally,":[100,231],"used":[104,114,227],"machines.":[111],"The":[112],"methods":[113],"include":[119],"analysis":[120],"known":[122],"fuzzing":[125],"test":[127,240],"device":[130],"drivers":[131],"three":[133],"different":[134],"platforms:":[135],"VirtualBox,":[136],"Hyper-V":[137],"VMware":[139],"ESXI.":[140],"Our":[141],"results":[142,160,189],"demonstrate":[143],"that":[144,172,191,211,217],"attack":[146],"surface":[147],"more":[151,176],"prone":[152],"than":[155,180],"hypervisor.":[157],"Comparing":[158],"our":[159,232],"with":[161],"studies,":[163],"each":[164],"platform":[165],"withstood":[166],"IOCTL":[167],"random":[169],"fuzzing,":[170],"demonstrating":[171],"platforms":[174],"are":[175],"robust":[177],"secure":[179],"previously":[181],"found.":[182],"By":[183],"building":[184],"existing":[186],"research,":[187],"show":[190],"has":[196,208],"been":[197,209],"improved.":[198],"using":[200],"proposed":[202,233],"paper":[206],"it":[207],"shown":[210],"attacker":[213],"easily":[215],"determine":[216],"machine,":[223],"which":[224],"could":[225],"for":[228],"exploitation.":[230],"utilised":[237],"effectively":[239],"virtualised":[245]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2023,"cited_by_count":1},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":3}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}