การจัดการเว็บเซิร์ฟเวอร์ด้วยเครื่องเสมือนบนไฮเปอร์-วี เพื่อการป้องกันการโจมตีทางไซเบอร์และเสริมความยืดหยุ่นด้านการสำรองข้อมูล

Ittipat  Yotapan

Authors

Ittipat Yotapan Faculty of Humanities and Social Science, Burapha University

Keywords:

Web Server , Virtual Machine , Hyper-V , Attack Prevention , Cybersecurity , Data Backup

Abstract

This academic article aims to present guidelines for leveraging Virtual Machine (VM) technology on the Hyper-V platform to enhance web server security and availability. It reviews and synthesizes relevant literature concerning the latest cyber threats facing web servers, including ransomware, various malware types, injection attacks, and AI-powered attacks. The study reveals that Hyper-V offers robust security features such as Secure Boot, Shielded VMs, Network Isolation, and Network Encryption, along with availability features like Snapshot and Replication, demonstrating high potential for attack prevention and system recovery. The article proposes systematic guidelines for Hyper-V applications, covering secure VM architecture design, stringent security configuration, effective backup and recovery management, and continuous monitoring and administration. Implementing these guidelines will enable readers to assess and mitigate security risks, enhance operational efficiency, strengthen practical knowledge in Hyper-V configuration, and support strategic decision-making in infrastructure planning, ultimately leading to maximized resilience, security, and service continuity for their web servers. Furthermore, the article provides suggestions for future research to advance knowledge in this domain.

References

Brown, A., & Davis, C. (2019). Disaster Recovery Planning for Virtualized Environments. Journal of Information Technology Management, 30(2), 45-58.

Chen, L., Wang, S., & Zhang, Y. (2023). Security Vulnerability Analysis in Virtual Machine Environments. International Journal of Network Security, 25(1), 12-25.

ConnectWise. (2025). 10 Common Cybersecurity Threats and Attacks: 2025 Update. https://www.connectwise.com/blog/cybersecurity/common-threats-and-attacks

CrowdStrike. (2024). How AI can be Used for Cyberattacks. https://www.crowdstrike.com/ cybersecurity-101/artificial-intelligence-ai-security/ai-cyberattacks/

Embroker. (2025). Top 16 Cybersecurity Threats in 2025. https://www.embroker.com/blog/top-cybersecurity-threats/

Garcia, M., & Lopez, R. (2024). Simulating Cyber Attacks in Virtualized Testbeds. Journal of Cyber Security Technology, 8(3), 101-115.

Gordon, L. A., Loeb, M. P., Lucyshyn, W., & Zhou, L. (2021). A Framework for Cybersecurity Risk Management. Wiley.

IBM. (2023). How AI Fuels Cyber Attacks, Risks and What to Expect. https://www.ibm.com/ blogs/research/2023-08-30-how-ai-fuels-cyberattacks/

Johnson, K., & Williams, M. (2016). Resource Optimization through Server Virtualization. Journal of Cloud Computing: Advances and Systems, 5(1), 1-15.

Kaspersky. (2025.). Types of Malware & Malware Examples. https://www.kaspersky.com/ resource- center/threats/types-of-malware

Kim, J., Lee, H., & Park, S. (2017). Enhancing Web Server Availability through Virtual Machine Live Migration. Journal of Network and Computer Applications, 87, 123-135.

Kim, D., & Solomon, M. G. (2021). Fundamentals of Information Systems Security (4th ed.). Jones & Bartlett Learning.

Lee, S., Park, J., & Choi, K. (2020). Mitigating Cyber Threats through Virtual Machine Isolation. Computers & Security, 95, 101835.

Microsoft Learn. (2025). Back up Hyper-V Virtual Machines. Microsoft Learn. https://learn.microsoft.com/en-us/system-center/dpm/back-up-hyper-v-virtual-machines?view=sc-dpm-2025

Microsoft Learn-1. (2025). Plan for Hyper-V Security in Windows Server. https://learn.microsoft.com/ en-us/windows-server/virtualization/hyper-v/plan/plan-hyper-v-security-in-windows-server

Microsoft Learn-2. (2025). Virtual Network Encryption. https://learn.microsoft.com/en-us/windows-server/networking/sdn/vnet-encryption/sdn-vnet-encryption

Moteff, J. (2021). Business Continuity Planning and Disaster Recovery. (CRS Report No. R46889). Congressional Research Service.

National Institute of Standards and Technology. (2018). Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1. (NIST CSF 1.1). U.S. Department of Commerce. https://doi.org/10.6028/NIST.CSWP.04162018

OWASP. (2025.a). Cross-Site Scripting (XSS). https://owasp.org/www-community/attacks/xss/.

OWASP. (2025.b). SQL Injection. https://owasp.org/www-community/attacks/SQL_Injection

Patel, R. (2022). Improving Server Uptime with Virtual Machine Technology. International Journal of System Assurance Engineering and Management, 13(1), 1-8.

Perception Point. (2025). Hyper-V vs VMware: Compared on Features, Pricing and Security. https://perception-point.io/guides/virtual-browser/hyper-v-vs-vmware-compared-on-features-pricing-and-security/

Proxmox. (2025). Proxmox Virtual Environment. Proxmox Server Solutions GmbH. https://www.proxmox.com/en/proxmox-virtual-environment.

Smith, J., & Jones, B. (2018). The Role of Virtualization in Enhancing Server Security. Information Systems Journal, 28(4), 650-668.

Tan, F., Li, Z., & Wang, Q. (2021). Utilizing Virtual Machine Snapshots for Rapid System Recovery. Journal of Parallel and Distributed Computing, 157, 56-67.

Trellix. (2024). How AI-powered Cyberattacks Work. https://www.trellix.com/en-us/security-awareness/cybersecurity/ai-powered-cyberattacks.html

University of San Diego Online Degrees. (2025). Top Cybersecurity Threats [2025]. https://onlinedegrees.sandiego.edu/top-cyber-security-threats/

Veeam. (2025). Data Backup & Replication. https://www.veeam.com/products/veeam-data-platform/backup-recovery.html

Wang, L., Zhao, X., & Liu, H. (2022). Virtual Machine Replication for Disaster Recovery in Cloud Environments. IEEE Access, 10, 112345-112358.

Zhang, H., Chen, G., & Wei, L. (2019). Cost-effective Server Management through Virtualization. Journal of Grid Computing, 17(3), 489-505.