Sneak-Peek: High speed covert channels in data center networks

Rashid Tahir; Mohammad Taha Khan; Xun Gong; Adnan Ahmed; Amiremad Ghassami; Hasanat Kazmi; Matthew Caesar; Fareed Zaffar; Negar Kiyavash

doi:10.1109/INFOCOM.2016.7524467

Sneak-Peek: High speed covert channels in data center networks

Rashid Tahir, Mohammad Taha Khan, Xun Gong, Adnan Ahmed, Amiremad Ghassami, Hasanat Kazmi, Matthew Caesar, Fareed Zaffar, Negar Kiyavash

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

With the advent of big data, modern businesses face an increasing need to store and process large volumes of sensitive customer information on the cloud. In these environments, resources are shared across a multitude of mutually untrusting tenants increasing propensity for data leakage. This problem stands to grow further in severity with increasing use of clouds in all aspects of our daily lives and the recent spate of high-profile data exfiltration attacks are evidence. To highlight this serious issue, we present a novel and highspeed network-based covert channel that is robust and circumvents a broad set of security mechanisms currently deployed by cloud vendors. We successfully test our channel on numerous network environments, including commercial clouds such as EC2 and Azure. Using an information theoretic model of the channel, we derive an upper bound on the maximum information rate and propose an optimal coding scheme. Our adaptive decoding algorithm caters to the cross traffic in the channel and maintains high bit rates and extremely low error rates. Finally, we discuss several effective avenues for mitigation of the aforementioned channel and provide insights into how data exfiltration can be prevented in such shared environments.

Original language	English (US)
Title of host publication	IEEE INFOCOM 2016 - 35th Annual IEEE International Conference on Computer Communications
Publisher	Institute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)	9781467399531
DOIs	https://doi.org/10.1109/INFOCOM.2016.7524467
State	Published - Jul 27 2016
Event	35th Annual IEEE International Conference on Computer Communications, IEEE INFOCOM 2016 - San Francisco, United States Duration: Apr 10 2016 → Apr 14 2016

Publication series

Name	Proceedings - IEEE INFOCOM
Volume	2016-July
ISSN (Print)	0743-166X

Other

Other	35th Annual IEEE International Conference on Computer Communications, IEEE INFOCOM 2016
Country/Territory	United States
City	San Francisco
Period	4/10/16 → 4/14/16

ASJC Scopus subject areas

Computer Science(all)
Electrical and Electronic Engineering

Online availability

10.1109/INFOCOM.2016.7524467

Library availability

Discover UIUC Full Text

Cite this

Tahir, R., Khan, M. T., Gong, X., Ahmed, A., Ghassami, A., Kazmi, H., Caesar, M., Zaffar, F., & Kiyavash, N. (2016). Sneak-Peek: High speed covert channels in data center networks. In IEEE INFOCOM 2016 - 35th Annual IEEE International Conference on Computer Communications [7524467] (Proceedings - IEEE INFOCOM; Vol. 2016-July). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/INFOCOM.2016.7524467

Sneak-Peek : High speed covert channels in data center networks. / Tahir, Rashid; Khan, Mohammad Taha; Gong, Xun et al.

IEEE INFOCOM 2016 - 35th Annual IEEE International Conference on Computer Communications. Institute of Electrical and Electronics Engineers Inc., 2016. 7524467 (Proceedings - IEEE INFOCOM; Vol. 2016-July).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Tahir, R, Khan, MT, Gong, X, Ahmed, A, Ghassami, A, Kazmi, H, Caesar, M, Zaffar, F & Kiyavash, N 2016, Sneak-Peek: High speed covert channels in data center networks. in IEEE INFOCOM 2016 - 35th Annual IEEE International Conference on Computer Communications., 7524467, Proceedings - IEEE INFOCOM, vol. 2016-July, Institute of Electrical and Electronics Engineers Inc., 35th Annual IEEE International Conference on Computer Communications, IEEE INFOCOM 2016, San Francisco, United States, 4/10/16. https://doi.org/10.1109/INFOCOM.2016.7524467

@inproceedings{151cef1274654c96a2a28110811e3716,

title = "Sneak-Peek: High speed covert channels in data center networks",

abstract = "With the advent of big data, modern businesses face an increasing need to store and process large volumes of sensitive customer information on the cloud. In these environments, resources are shared across a multitude of mutually untrusting tenants increasing propensity for data leakage. This problem stands to grow further in severity with increasing use of clouds in all aspects of our daily lives and the recent spate of high-profile data exfiltration attacks are evidence. To highlight this serious issue, we present a novel and highspeed network-based covert channel that is robust and circumvents a broad set of security mechanisms currently deployed by cloud vendors. We successfully test our channel on numerous network environments, including commercial clouds such as EC2 and Azure. Using an information theoretic model of the channel, we derive an upper bound on the maximum information rate and propose an optimal coding scheme. Our adaptive decoding algorithm caters to the cross traffic in the channel and maintains high bit rates and extremely low error rates. Finally, we discuss several effective avenues for mitigation of the aforementioned channel and provide insights into how data exfiltration can be prevented in such shared environments.",

author = "Rashid Tahir and Khan, {Mohammad Taha} and Xun Gong and Adnan Ahmed and Amiremad Ghassami and Hasanat Kazmi and Matthew Caesar and Fareed Zaffar and Negar Kiyavash",

note = "Publisher Copyright: {\textcopyright} 2016 IEEE.; 35th Annual IEEE International Conference on Computer Communications, IEEE INFOCOM 2016 ; Conference date: 10-04-2016 Through 14-04-2016",

year = "2016",

month = jul,

day = "27",

doi = "10.1109/INFOCOM.2016.7524467",

language = "English (US)",

series = "Proceedings - IEEE INFOCOM",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

booktitle = "IEEE INFOCOM 2016 - 35th Annual IEEE International Conference on Computer Communications",

address = "United States",

}

TY - GEN

T1 - Sneak-Peek

T2 - 35th Annual IEEE International Conference on Computer Communications, IEEE INFOCOM 2016

AU - Tahir, Rashid

AU - Khan, Mohammad Taha

AU - Gong, Xun

AU - Ahmed, Adnan

AU - Ghassami, Amiremad

AU - Kazmi, Hasanat

AU - Caesar, Matthew

AU - Zaffar, Fareed

AU - Kiyavash, Negar

PY - 2016/7/27

Y1 - 2016/7/27

N2 - With the advent of big data, modern businesses face an increasing need to store and process large volumes of sensitive customer information on the cloud. In these environments, resources are shared across a multitude of mutually untrusting tenants increasing propensity for data leakage. This problem stands to grow further in severity with increasing use of clouds in all aspects of our daily lives and the recent spate of high-profile data exfiltration attacks are evidence. To highlight this serious issue, we present a novel and highspeed network-based covert channel that is robust and circumvents a broad set of security mechanisms currently deployed by cloud vendors. We successfully test our channel on numerous network environments, including commercial clouds such as EC2 and Azure. Using an information theoretic model of the channel, we derive an upper bound on the maximum information rate and propose an optimal coding scheme. Our adaptive decoding algorithm caters to the cross traffic in the channel and maintains high bit rates and extremely low error rates. Finally, we discuss several effective avenues for mitigation of the aforementioned channel and provide insights into how data exfiltration can be prevented in such shared environments.

AB - With the advent of big data, modern businesses face an increasing need to store and process large volumes of sensitive customer information on the cloud. In these environments, resources are shared across a multitude of mutually untrusting tenants increasing propensity for data leakage. This problem stands to grow further in severity with increasing use of clouds in all aspects of our daily lives and the recent spate of high-profile data exfiltration attacks are evidence. To highlight this serious issue, we present a novel and highspeed network-based covert channel that is robust and circumvents a broad set of security mechanisms currently deployed by cloud vendors. We successfully test our channel on numerous network environments, including commercial clouds such as EC2 and Azure. Using an information theoretic model of the channel, we derive an upper bound on the maximum information rate and propose an optimal coding scheme. Our adaptive decoding algorithm caters to the cross traffic in the channel and maintains high bit rates and extremely low error rates. Finally, we discuss several effective avenues for mitigation of the aforementioned channel and provide insights into how data exfiltration can be prevented in such shared environments.

UR - http://www.scopus.com/inward/record.url?scp=84983334775&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84983334775&partnerID=8YFLogxK

U2 - 10.1109/INFOCOM.2016.7524467

DO - 10.1109/INFOCOM.2016.7524467

M3 - Conference contribution

AN - SCOPUS:84983334775

T3 - Proceedings - IEEE INFOCOM

BT - IEEE INFOCOM 2016 - 35th Annual IEEE International Conference on Computer Communications

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 10 April 2016 through 14 April 2016

ER -

Sneak-Peek: High speed covert channels in data center networks

Abstract

Publication series

Other

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this