An exploration of L2 cache covert channels in virtualized environments

Yunjing Xu, Michael Bailey, Farnam Jahanian, Kaustubh Joshi, Matti Hiltunen, Richard Schlichting

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Recent exploration into the unique security challenges of cloud computing have shown that when virtual machines belonging to different customers share the same physical machine, new forms of cross-VM covert channel communication arise. In this paper, we explore one of these threats, L2 cache covert channels, and demonstrate the limits of these this threat by providing a quantification of the channel bit rates and an assessment of its ability to do harm. Through progressively refining models of cross-VM covert channels from the derived maximums, to implementable channels in the lab, and finally in Amazon EC2 itself we show how a variety of factors impact our ability to create effective channels. While we demonstrate a covert channel with considerably higher bit rate than previously reported, we assess that even at such improved rates, the harm of data exfiltration from these channels is still limited to the sharing of small, if important, secrets such as private keys.

Original languageEnglish (US)
Title of host publicationCCSW'11 - Proceedings of the 3rd ACM Workshop on Cloud Computing Security Workshop
Pages29-39
Number of pages11
DOIs
StatePublished - Nov 16 2011
Externally publishedYes
Event3rd ACM Workshop on Cloud Computing Security Workshop, CCSW'11, Co-located with the 18th ACM Conference on Computer and Communications Security, CCS 2011 - Chicago, IL, United States
Duration: Oct 21 2011Oct 21 2011

Publication series

NameProceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)1543-7221

Other

Other3rd ACM Workshop on Cloud Computing Security Workshop, CCSW'11, Co-located with the 18th ACM Conference on Computer and Communications Security, CCS 2011
Country/TerritoryUnited States
CityChicago, IL
Period10/21/1110/21/11

Keywords

  • Bit rate
  • Covert channel

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'An exploration of L2 cache covert channels in virtualized environments'. Together they form a unique fingerprint.

Cite this