本論文是在研究虛擬雲端計算的安全性。主要探討兩個階段：首先，辨認出雲端上的惡意攻擊(Venom Vulnerability)，同時也保護虛擬機器監視器(hypervisor)不遭受相同的攻擊。
第一步，我在QUEMU/KVM的環境中執行Venom的漏洞，以偵測他在雲端上的運作方式。第二步，保護虛擬網路中漏洞最多的虛擬機器監視器(hypervisor)。因此得知，這樣的操作機制提供了辨識Venom攻擊以及試著封鎖負責傳輸I/O命令的軟碟控制器(FDC 0x3f5)。

This thesis investigates the security of virtualization in the cloud computing. The main idea of this papers is focuses on two steps: First we, identify the malicious attack (Venom Vulnerability) in the cloud, and also protect the hypervisor of this kind of attack. Firstly, I have implemented Venom vulnerability in the environment of QUEMU/KVM to identify its behavior (action) in the cloud. Secondly, I protected the hypervisor which is the most vulnerability part for Virtual Network. Thus, the proposed mechanism provides identification venom Attack and tried to locked the FDC port (0x3f5) which is responsible to send I/O command to the hypervisor.

Contents
List of Figures	IV
List of Tables	V
CHAPTER 1. INTRODUCTION	- 1 -
1.1 GENERAL OVERVIEW OF CLOUD COMPUTING	- 1 -
1.2. VENOM VULNERABILITY	- 5 -
CHAPTER 2. RELATED WORK	- 8 -
CHAPTER 3. VENOM ATTACK BEHAVIOR	- 9 -
3.1. APPROACH	- 9 -
3.2. OVERVIEW OF VENOM VULNERABILITY	- 11 -
3.3. IDENTIFICATION OF VENOM VULNERABILITY	- 12 -
CHAPTER 4. THE PROPOSED METHODOLOGY	- 21 -
CHAPTER 5. COMPARISON AND EVALUATION	- 23 -
CHAPTER 6. CONCLUSION	- 24 -
References	- 25 -

List of Figures
Figure 1. Example of Cloud-Computing	- 1 -
Figure 2. Components of virtualization.	- 5 -
Figure 3. Vulnerable Cloud Infrastructure	- 10 -
Figure 4. Attacking Hypervisor Emulation of Hardware Devices (Hardware Emulation Attack Vectors).	- 10 -
Figure 5. Venom Vulnerability Source Code	- 12 -
Figure 6. Statistic of KVM hypervisor	- 13 -
Figure 7. Statics of VMs in KVM	- 14 -
Figure 8. General Information of VMs	- 14 -
Figure 9. Static of CPU and Memory of VMs	- 15 -
Figure 10. Virtual memory size of Host machine	- 15 -
Figure 11. I/O static of Hypervisor	- 16 -
Figure 12. Venom Vulnerability in the Hypervisor	- 16 -
Figure 13. Result of Venom Vulnerability in the Hypervisor (1)	- 17 -
Figure 14. Statistic of hypervisor with Venom Vulnerability	- 18 -
Figure 15. (a) Virtual memory size of Host machine with Venom Vulnerability. 15 (b) I/O static of Hypervisor with Venom Vulnerability.	- 19 -
Figure 16. code of FDC	- 21 -
Figure 17. Result of Venom Vulnerability in the Hypervisor (2)	- 23 -
Figure 18. Static of Hypervisor when the FDC is locked	- 23 -

List of Tables
Table 1. Notable Cloud Service Example	- 3 -

[1]	Cloud-Computing: www.cloudcomputing.com.
[2]	An identification and prevention of theft-of-service attack on cloud computing, 2016 International Conference on Selected Topics in Mobile & Wireless Networking (MoWNeT), IEEE 11-13 April 2016.
[3]	Main-Page---KVM(http://www.linuxkvm.org/page/Main_Page).
[4]	Libvirt: The Virtualization API.
[5]	About---QEMU (http://wiki.quemu.org/Main_page).
[6]	Hypervisor and virtual machine dependent Intrusion Detection and Prevention System for virtualized cloud environment, International Conference on Telematics and Future Generation Networks (TAFGEN), IEEE 26-28 May 2015.
[7]	D. Tsafrir, Y. Etsion, and D. G. Feitelson, “Secretly Monopolizing the CPU Without Superuser Privileges,” in Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, Berkeley, CA, USA, 2007, pp. 17:1–17:18.
[8]	KLrtD: Kernel Level Rootkit Detection (ICEE 2014), May 20-22, 2014, Shahid Beheshti University.
[9]	Providing Memory Protection in an Untrusted Commodity Hypervisor (IEEE) 2012), 24-26 Sept.