TY - GEN
T1 - Detecting co-residency with active traffic analysis techniques
AU - Bates, Adam
AU - Mood, Benjamin
AU - Pletcher, Joe
AU - Pruse, Hannah
AU - Valafar, Masoud
AU - Butler, Kevin
PY - 2012
Y1 - 2012
N2 - Virtualization is the cornerstone of the developing third-party compute industry, allowing cloud providers to instantiate multiple virtual machines (VMs) on a single set of physical resources. Customers utilize cloud resources alongside unknown and untrusted parties, creating the co-resident threat: unless perfect isolation is provided by the virtual hypervisor, there exists the possibility for unauthorized access to sensitive customer information through the exploitation of covert side channels. This paper presents co-resident watermarking, a traffic analysis attack that allows a malicious co-resident VM to inject a watermark signature into the network flow of a target instance. This watermark can be used to exfiltrate and broadcast co-residency data from the physical machine, compromising isolation without reliance on internal side channels. As a result, our approach is difficult to defend against without costly underutilization of the physical machine. We evaluate co-resident watermarking under a large variety of conditions, system loads and hardware configurations, from a local lab environment to production cloud environments (Futuregrid and the University of Oregon's ACISS). We demonstrate the ability to initiate a covert channel of 4 bits per second, and we can confirm co-residency with a target VM instance in less than 10 seconds. We also show that passive load measurement of the target and subsequent behavior profiling is possible with this attack. Our investigation demonstrates the need for the careful design of hardware to be used in the cloud.
AB - Virtualization is the cornerstone of the developing third-party compute industry, allowing cloud providers to instantiate multiple virtual machines (VMs) on a single set of physical resources. Customers utilize cloud resources alongside unknown and untrusted parties, creating the co-resident threat: unless perfect isolation is provided by the virtual hypervisor, there exists the possibility for unauthorized access to sensitive customer information through the exploitation of covert side channels. This paper presents co-resident watermarking, a traffic analysis attack that allows a malicious co-resident VM to inject a watermark signature into the network flow of a target instance. This watermark can be used to exfiltrate and broadcast co-residency data from the physical machine, compromising isolation without reliance on internal side channels. As a result, our approach is difficult to defend against without costly underutilization of the physical machine. We evaluate co-resident watermarking under a large variety of conditions, system loads and hardware configurations, from a local lab environment to production cloud environments (Futuregrid and the University of Oregon's ACISS). We demonstrate the ability to initiate a covert channel of 4 bits per second, and we can confirm co-residency with a target VM instance in less than 10 seconds. We also show that passive load measurement of the target and subsequent behavior profiling is possible with this attack. Our investigation demonstrates the need for the careful design of hardware to be used in the cloud.
KW - Cloud Security
KW - Covert Channel
KW - Traffic Analysis
UR - https://www.scopus.com/pages/publications/84869782980
UR - https://www.scopus.com/pages/publications/84869782980#tab=citedBy
U2 - 10.1145/2381913.2381915
DO - 10.1145/2381913.2381915
M3 - Conference contribution
AN - SCOPUS:84869782980
SN - 9781450316651
T3 - Proceedings of the ACM Conference on Computer and Communications Security
SP - 1
EP - 12
BT - CCSW'12 - Proceedings of the Cloud Computing Security Workshop
T2 - 2012 ACM Workshop on Cloud Computing Security Workshop, CCSW 2012
Y2 - 19 October 2012 through 19 October 2012
ER -