Security Assessment for Guest-to-Guest and Host-to-Guest Isolation in Type 1 and Type 2 Open-Source Hypervisors: A Focus on Attack Vectors

Authors

  • Said Ally

DOI:

https://doi.org/10.61538/huria.v30i2.1680

Keywords:

Virtual Machine Isolation, Hypervisor Security, Open-Source Virtualization, Attack Vector

Abstract

The global IT management landscape has shifted from physical to virtual computing. The transition process that makes virtualized execution environments possible is controlled by the underlying software apparatus known as a hypervisor. Based on the design architecture and configuration, hypervisors differ in the degree of virtual machine isolation, making security a serious concern for technology adopters. This paper presents the security assessment of open-source hypervisors using attack vectors for guest-to-guest (G2G) and host-to-guest (H2G) penetrations. The study uses Proxmox VE and XenServer for Type 1 hypervisors and Kernel Virtual Machine (KVM) and Oracle Virtual Box (OVB) for Type 2, with secondary data analysis based on software vulnerabilities and exposures retrieved from publicly available online databases. For clarity, the source code of each hypervisor was scanned to identify vulnerable files in an experiment conducted on a Kali Linux testbed with prebuilt virtual machines, each hosting one hypervisor. The vulnerability level was determined using 11 attack vectors extracted qualitatively from relevant literature. The soft memory management unit was found to be the most common attack vector among all hypervisors. Type 1 hypervisors are far better at responding to virtual resource attacks, whereas Type 2 hypervisors are more vulnerable to attacks that suffocate computational resources, especially virtual CPUs. OVB outperforms other hypervisors in terms of disk and network performance as it is more resistant to attacks involving I/O networking, interrupt and timer mechanisms, and hypercalls. The results also show that all hypervisors perform better against G2G than H2G attacks. For H2G attacks, Proxmox VE and KVM have demonstrated better performance compared to other hypervisors. According to the analysis, the most prevalent hypervisor flaws are mainly due to design faults rather than misconfigurations by adopters. To get rid of hypervisor weaknesses and fully capitalize on the technological shift from physical to virtual computing, adopters should consider industry-accepted best practices when selecting, installing, and deploying open-source hypervisors.

Author Biography

Said Ally

The Open University of Tanzania, Tanzania

Published

2025-08-04