TY - JOUR
T1 - From Colocation to Exfiltration
T2 - Practical Cache Side-Channel Attacks in the Modern Public Cloud
AU - Zhao, Zirui Neil
AU - Morrison, Adam
AU - Fletcher, Christopher W.
AU - Torrellas, Josep
N1 - Publisher Copyright:
© 1981-2012 IEEE.
PY - 2025
Y1 - 2025
N2 - Sharing resources among tenants is fundamental to public clouds, enhancing efficiency but also creating opportunities for microarchitectural side-channel attacks. However, cloud vendors remain skeptical about the practicality of these attacks, particularly regarding the ability to colocate attacker and victim, and to overcome system noise. In this work, we develop a series of techniques for each step of the attack and, for the first time, demonstrate cross-tenant information leakage on the public Google Cloud Run, refuting the belief that such attacks are impractical. Our findings highlight the need to secure public clouds against side-channel attacks.
AB - Sharing resources among tenants is fundamental to public clouds, enhancing efficiency but also creating opportunities for microarchitectural side-channel attacks. However, cloud vendors remain skeptical about the practicality of these attacks, particularly regarding the ability to colocate attacker and victim, and to overcome system noise. In this work, we develop a series of techniques for each step of the attack and, for the first time, demonstrate cross-tenant information leakage on the public Google Cloud Run, refuting the belief that such attacks are impractical. Our findings highlight the need to secure public clouds against side-channel attacks.
UR - https://www.scopus.com/pages/publications/105007990033
UR - https://www.scopus.com/pages/publications/105007990033#tab=citedBy
U2 - 10.1109/MM.2025.3574715
DO - 10.1109/MM.2025.3574715
M3 - Article
AN - SCOPUS:105007990033
SN - 0272-1732
VL - 45
SP - 95
EP - 102
JO - IEEE Micro
JF - IEEE Micro
IS - 4
ER -