Detecting Cache-Based Side Channel Attacks in the Cloud: An Approach with Cascade Detection Mode

被引:2
作者
Yu, Si [1 ]
Gui, Xiaolin [1 ]
Zhang, Xuejun [1 ,2 ]
Lin, Jiancai [1 ]
Dai, Min [1 ]
机构
[1] Xi An Jiao Tong Univ, Shaanxi Prov Key Lab Comp Network, Sch Elect & Informat Engn, Xian, Peoples R China
[2] Lanzhou Jiaotong Univ, Sch Elect & Informat Engn, Lanzhou, Peoples R China
来源
JOURNAL OF INTERNET TECHNOLOGY | 2014年 / 15卷 / 06期
关键词
Cloud computing; Virtualization; Information security; Side channel attacks; Attack detection; SECURITY;
D O I
10.6138/JIT.2014.15.6.03
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Information leakage introduced by side channel attacks (SCA) has become a serious threat to the cloud. Using SCA, malicious users can steal private information from other virtual machines by analyzing third party distinct resource-contention responses. To the best of our knowledge, the investigation in detecting SCA in the cloud is very limited. In this paper, we introduce a novel approach for detecting cache-based side channel attacks, named SideDetector, based on the observation that the creation of a side channel has certain effects on the resource utilization in both the host machines and virtual machines. First, exploring this observation, we analyze the attack features from both the hosts and guests and propose four detection metrics. Second, we investigate the use of cascade detection mode, which consists of the stage of host detection and guest detection. Third, shape tests and regularity tests are used to calculate the detection metrics, and pattern recognition techniques are used to indicate the attacks. Finally, we conduct a series of experiments to evaluate the SideDetector. The experimental results show that SideDetector is capable of detecting the cache-based side channel attacks in the cloud effectively.
引用
收藏
页码:903 / 915
页数:13
相关论文
共 26 条
[1]  
Aciiçmez O, 2007, CSAW'07: PROCEEDINGS OF THE 2007 ACM COMPUTER SECURITY ARCHITECTURE WORKSHOP, P11
[2]  
Aciiçmez O, 2010, LECT NOTES COMPUT SC, V6225, P110, DOI 10.1007/978-3-642-15031-9_8
[3]  
Aciicmez Onur., 2007, Proceedings of the 2nd ACM symposium on Information, computer and communications security, P312
[4]  
[Anonymous], 2012, Cross-VM Side Channels and Their Use to Extract Private Keys, Computer and communications security", p, DOI DOI 10.1145/2382196.2382230
[5]  
[Anonymous], 1996, CRYPTO, DOI DOI 10.1007/3-540-68697-5_9
[6]   IP Covert Channel Detection [J].
Cabuk, Serdar ;
Brodley, Carla E. ;
Shields, Clay .
ACM TRANSACTIONS ON INFORMATION AND SYSTEM SECURITY, 2009, 12 (04)
[7]   Side-Channel Leaks in Web Applications: a Reality Today, a Challenge Tomorrow [J].
Chen, Shuo ;
Wang, Rui ;
Wang, XiaoFeng ;
Zhang, Kehuan .
2010 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, 2010, :191-206
[8]  
Freiling FC, 2011, IFIP ADV INF COMM TE, V354, P41
[9]   An Entropy-Based Approach to Detecting Covert Timing Channels [J].
Gianvecchio, Steven ;
Wang, Haining .
IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2011, 8 (06) :785-797
[10]   Characterizing the Efficacy of the NRL Network Pump in Mitigating Covert Timing Channels [J].
Gorantla, Siva K. ;
Kadloor, Sachin ;
Kiyavash, Negar ;
Coleman, Todd P. ;
Moskowitz, Ira S. ;
Kang, Myong H. .
IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, 2012, 7 (01) :64-75
123