Summary
- Attackers can build various side channels to circumvent the logical isolation of cloud physical machines and obtain sensitive information from co-resident VMs.
  - Coarse-grained, e.g., workloads and web traffic rates.
    - Since the cache utilization rate has a large impact on the execution time of a cache read operation, attackers can infer the victim's cache usage and workload information by applying the Prime+Probe technique.
    - Similarly, they can estimate the victim's web traffic rate, which also correlates strongly with the execution time of cache operations. [2]
    - [1] demonstrates a clear correlation between a victim's web traffic rate and the load sample.
  - Fine-grained, e.g., cryptographic keys.
    - Attackers can exploit shared hardware resources, such as the instruction cache, to extract cryptographic keys. Specifically, the following challenges are overcome:
      - Dealing with core migrations and determining whether an observation is associated with the victim
      - Filtering out hardware and software noise, and regaining access to the target CPU core with sufficient frequency
  - For clever attackers, even seemingly innocuous information like workload statistics can be useful.
    - For example, such data can be used to identify when the system is most vulnerable, i.e., the time to launch further attacks, such as Denial of Service attacks. [9]
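The coarse-grained Prime+Probe inference and the load correlation from [1] above, as an added toy simulation that is not part of the original post or of the cited papers: one simulated LRU cache set is shared by an attacker tenant and a co-resident victim; the attacker fills it (prime), lets the victim run, then re-reads its own lines (probe), and the probe time alone reveals how many lines the victim used. The associativity, the hit/miss latencies and the victim load sequence are constructed assumptions; no real cache or timer is touched.

```python
from statistics import mean, pstdev

WAYS = 8                          # assumed associativity of the simulated set
HIT_CYCLES, MISS_CYCLES = 4, 40   # assumed, constructed access latencies

class CacheSet:
    """One LRU cache set shared by co-resident tenants; index 0 is the LRU line."""
    def __init__(self, ways=WAYS):
        self.ways, self.lines = ways, []

    def access(self, tag):
        """Touch `tag` and return the simulated latency (hit or miss)."""
        if tag in self.lines:
            self.lines.remove(tag)
            self.lines.append(tag)
            return HIT_CYCLES
        self.lines.append(tag)
        if len(self.lines) > self.ways:
            self.lines.pop(0)         # evict the least recently used line
        return MISS_CYCLES

def prime(cs):
    """Attacker fills the whole set with its own lines."""
    for i in range(cs.ways):
        cs.access(("attacker", i))

def probe(cs):
    """Re-read primed lines in reverse order so the probe's own misses evict victim lines, not unread attacker lines."""
    return sum(cs.access(("attacker", i)) for i in reversed(range(cs.ways)))

def infer_victim_lines(probe_cycles, ways=WAYS):
    """Number of attacker lines the victim displaced, recovered from probe time alone."""
    return round((probe_cycles - ways * HIT_CYCLES) / (MISS_CYCLES - HIT_CYCLES))

def run_experiment(loads):
    """`loads` = distinct lines the victim touches per interval (constructed); returns the attacker's estimates."""
    cs = CacheSet()
    estimates = []
    for load in loads:
        prime(cs)
        for j in range(load):         # victim's work while the attacker waits
            cs.access(("victim", j))
        estimates.append(infer_victim_lines(probe(cs)))
    return estimates

def pearson(xs, ys):
    """Correlation between the victim's true load and what the attacker inferred."""
    mx, my = mean(xs), mean(ys)
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys)) / len(xs)
    return cov / (pstdev(xs) * pstdev(ys))
```

In this noise-free model the estimate equals the victim's load exactly and the correlation is 1.0; in real hardware, noise from other tenants and core migration (the fine-grained challenges listed above) is what a defender can rely on to blunt the channel, alongside allocation policies like those in [2] that avoid co-residence in the first place.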
Reference
[1] T. Ristenpart et al., "Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds," in CCS '09.
[2] Yi Han et al., "Using Virtual Machine Allocation Policies to Defend against Co-resident Attacks in Cloud Computing," in IEEE Transactions on Dependable and Secure Computing.