本論文是在研究虛擬雲端計算的安全性。主要探討兩個階段:首先,辨認出雲端上的惡意攻擊(Venom Vulnerability),同時也保護虛擬機器監視器(hypervisor)不遭受相同的攻擊。 第一步,我在QUEMU/KVM的環境中執行Venom的漏洞,以偵測他在雲端上的運作方式。第二步,保護虛擬網路中漏洞最多的虛擬機器監視器(hypervisor)。因此得知,這樣的操作機制提供了辨識Venom攻擊以及試著封鎖負責傳輸I/O命令的軟碟控制器(FDC 0x3f5)。 This thesis investigates the security of virtualization in the cloud computing. The main idea of this papers is focuses on two steps: First we, identify the malicious attack (Venom Vulnerability) in the cloud, and also protect the hypervisor of this kind of attack. Firstly, I have implemented Venom vulnerability in the environment of QUEMU/KVM to identify its behavior (action) in the cloud. Secondly, I protected the hypervisor which is the most vulnerability part for Virtual Network. Thus, the proposed mechanism provides identification venom Attack and tried to locked the FDC port (0x3f5) which is responsible to send I/O command to the hypervisor.
