21,954 Hits in 5.6 sec

Survey on Cache-Based Side-Channel Attacks in Cloud Computing

Hesham Abusaimeh
2020 International Journal of Emerging Trends in Engineering Research  
The Cache based side-channel attacks in cloud computing happened when a single physical host in a cloud computing data center run programs of two different corporations each program runs in its Virtual  ...  that can be implemented to reduce the Cache based side-channel attacks.  ...  the method to prevent the Cache based side-channel attacks Survey on Cache-Based Side-Channel Attacks in Cloud Computing Hesham Abusaimeh 1 , Halah Atta 2 , Hadeel Shihadeh 3 1 Associate Professor in  ... 
doi:10.30534/ijeter/2020/11842020 fatcat:spnlmp74urcyferi4hsxk4epxm

Cache-based side-channel attacks detection through Intel Cache Monitoring Technology and Hardware Performance Counters

Mohammad-Mahdi Bazm, Thibaut Sautereau, Marc Lacoste, Mario Sudholt, Jean-Marc Menaud
2018 2018 Third International Conference on Fog and Mobile Edge Computing (FMEC)  
D R A F T Abstract-Research on cache-based side-channel attacks shows the security impact of these attacks on cloud computing.  ...  In this paper, we present an approach to detect cross-VM cache-based side-channel attacks through using hardware fine-grained information provided by Intel Cache Monitoring Technology (CMT) and Hardware  ... 
doi:10.1109/fmec.2018.8364038 dblp:conf/fmec/BazmSLSM18 fatcat:7kjwef2oofcpdihejyah4yayka

Survey of Microarchitectural Side and Covert Channels, Attacks, and Defenses

Jakub Szefer
2018 Journal of Hardware and Systems Security  
Processor microarchitectural side and covert channel attacks have emerged as some of the most clever attacks, and ones which are difficult to deal with, without impacting system performance.  ...  Unlike electromagnetic or power-based channels, microarchitectural side and covert channel do not require physical proximity to the target device.  ...  Detection based on entropy-based approach [25] or dynamically tracking conflict patterns over the use of shared processor hardware have been shown [16] .  ... 
doi:10.1007/s41635-018-0046-1 dblp:journals/jhss/Szefer19 fatcat:zttnnct3abfztal47n2evmb62e

Side-channels beyond the cloud edge: New isolation threats and solutions

Mohammad-Mahdi Bazm, Marc Lacoste, Mario Sudholt, Jean-Marc Menaud
2017 2017 1st Cyber Security in Networking Conference (CSNet)  
results. increase the accuracy of co-residency detection [22] . 2) Attack Prerequisites Co-residency detection is easier in container-based environments than in VM-based ones because of more existing  ...  We introduce a new concept of distributed side-channel attack (DSCA) that is based on coordinating local attack techniques.  ... 
doi:10.1109/csnet.2017.8241986 dblp:conf/csnet/BazmLSM17 fatcat:jwuqts2fxvb7zcgq2lzujfy2ra

A survey of microarchitectural timing attacks and countermeasures on contemporary hardware

Qian Ge, Yuval Yarom, David Cock, Gernot Heiser
2016 Journal of Cryptographic Engineering  
Microarchitectural timing channels expose hidden hardware state though timing.  ...  We survey recent attacks that exploit microarchitectural features in shared hardware, especially as they are relevant for cloud computing.  ...  Although Hu did not demonstrate the attack on a hardware platform, the attack can be used on the shared LLC. Similarly, Percival [129] explored covert channels based on LLC collisions.  ... 
doi:10.1007/s13389-016-0141-6 fatcat:7fvkr7h54rbl5mx6vrochsgtkm

CloudRadar: A Real-Time Side-Channel Attack Detection System in Clouds [chapter]

Tianwei Zhang, Yinqian Zhang, Ruby B. Lee
2016 Lecture Notes in Computer Science  
We present CloudRadar , a system to detect, and hence mitigate, cache-based side-channel attacks in multi-tenant cloud systems.  ...  uses anomaly-based detection techniques to monitor the co-located VMs to identify abnormal cache behaviors that are typical during cache-based side-channel attacks.  ...  Yuval Yarom for providing sidechannel attack codes, and the anonymous reviewers for their feedback on this work.  ... 
doi:10.1007/978-3-319-45719-2_6 fatcat:6mrcwa32ozbhpn3ru2npba4gai

Detecting co-residency with active traffic analysis techniques

Adam Bates, Benjamin Mood, Joe Pletcher, Hannah Pruse, Masoud Valafar, Kevin Butler
2012 Proceedings of the 2012 ACM Workshop on Cloud computing security workshop - CCSW '12  
Virtualization is the cornerstone of the developing third party compute industry, allowing cloud providers to instantiate multiple virtual machines (VMs) on a single set of physical resources.  ...  This watermark can be used to exfiltrate and broadcast co-residency data from the physical machine, compromising isolation without reliance on internal side channels.  ...  Through our use of Futuregrid, this material is based upon work supported in part by the National Science Foundation under Grant No. 0910812 to Indiana University for "FutureGrid: An Experimental, High-Performance  ... 
doi:10.1145/2381913.2381915 dblp:conf/ccs/BatesMPPVB12 fatcat:2fdzbumsbrcptjoldapjnbua6i

Securing KVM Based Virtual Machine Monitoring System for Handling and Detection of Rootkit Attack

Vijay Pardeshi
2018 International Journal for Research in Applied Science and Engineering Technology  
This gives the access to the virtual machine monitor, Virtual Machine Introspection functionality is unfortunately not available to cloud users on public cloud platforms.  ...  We present our work on the CloudVMI architecture to address about this concern. CloudVMI virtualizes VMI interface and makes this available as-a-service in cloud environment.  ...  [3] This paper "Preventing Cache-Based Side-Channel Attacks in a Cloud Environment", investigate the usage of CPU-cache based side-channels in the Cloud and how they compare to traditional side-channel  ... 
doi:10.22214/ijraset.2018.4275 fatcat:azvbktwcvbf7xb2yn5ovvbb3dq

Extensive Study of Cloud Computing Technologies, Threats and Solutions Prospective

Mwaffaq Abu-Alhaija, Nidal M. Turab, AbdelRahman Hamza
2022 Computer systems science and engineering  
IaaS is one of the basis of cloud virtualization. Recently, security issues are also gradually emerging with virtualization of cloud computing.  ...  of various virtual environment attacks.  ...  This OS-based architecture entirely enables the user to control multiple guests OSs, or VMs installed on the hardware.  ... 
doi:10.32604/csse.2022.019547 fatcat:hgxqvutbrfh5nivblmsuibasnu

Virtual Platform to Analyze the Security of a System on Chip at Microarchitectural Level

Quentin Forcioli, Jean-Luc Danger, Clementine Maurice, Lilian Bossuet, Florent Bruguier, Maria Mushtaq, David Novo, Loic France, Pascal Benoit, Sylvain Guilley, Thomas Perianin
2021 2021 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)  
This paper introduces an ongoing study aiming at analyzing the attacks relying on the hardware vulnerabilities of the microarchitectures of CPUs and SoCs.  ...  One typical example is the exploitation of cache memory which keeps track of the program execution and paves the way to side-channel (SCA) analysis and transient execution attacks like Meltdown and Spectre  ...  Covert channels are a special case of side-channel attacks where the attacker controls both ends, the sender and the receiver.  ... 
doi:10.1109/eurospw54576.2021.00017 fatcat:ljhuwgh3ebb47ksi3bocapspmy

Virtualization Technologies and Cloud Security: advantages, issues, and perspectives [article]

Roberto Di Pietro, Flavio Lombardi
2018 arXiv   pre-print
Further, virtualization allows protected transparent introspection of Virtual Machine activity and content, thus supporting additional control and monitoring.  ...  As an example, even hardware virtualization protection/isolation is far from being perfect and uncircumventable, as recently discovered vulnerabilities show.  ...  The SGX-based branch shadowing attack is described in [33] which can reveal finegrained control flows (i.e., each branch) of an enclave program running on real SGX hardware.  ... 
arXiv:1807.11016v2 fatcat:i724ystx2zcqtgm2aq7bkkkedm


Michael Pearce, Sherali Zeadally, Ray Hunt
2013 ACM Computing Surveys  
Because a virtual machine is not dependent on the state of the physical hardware, multiple virtual machines may be installed on a single set of hardware.  ...  Furthermore, associated technologies such as virtual routing and networking can create challenging issues for security, intrusion control, and associated forensic processes.  ...  We also express our gratitude to Deb Frincke for initiating the early discussions on virtualization which led in part towards the completion of this work.  ... 
doi:10.1145/2431211.2431216 fatcat:rwdetdca3zfwjhd5iiymby5xxe

On detecting co-resident cloud instances using network flow watermarking techniques

Adam Bates, Benjamin Mood, Joe Pletcher, Hannah Pruse, Masoud Valafar, Kevin Butler
2013 International Journal of Information Security  
We go on to consider the detectability of co-resident watermarking, extending our scheme to create a subtler watermarking attack by imitating legitimate cloud customer behavior.  ...  Virtualization is the cornerstone of the developing third-party compute industry, allowing cloud providers to instantiate multiple virtual machines (VMs) on a single set of physical resources.  ...  Through our use of Futuregrid, this material is based upon work supported in part by the National Science Foundation Under Grant No. 0910812 to Indiana University for "FutureGrid: An Experimental, High-Performance  ... 
doi:10.1007/s10207-013-0210-0 fatcat:xzpe7dvlwvf5bit53mngls3vpi

Virtualization Technology: Cross-VM Cache Side Channel Attacks make it Vulnerable [article]

Alan Litchfield, Abid Shahzad
2016 arXiv   pre-print
One of the most sophisticated forms of attack is the cross-VM cache side channel attack that exploits shared cache memory between VMs.  ...  However, virtualization introduces serious threats to service delivery such as Denial of Service (DoS) attacks, Cross-VM Cache Side Channel attacks, Hypervisor Escape and Hyper-jacking.  ...  The cache-based side channel attack presents a serious threat to the cloud virtual environment.  ... 
arXiv:1606.01356v1 fatcat:tvyk6qhd2fdbpnjbkth2s3ag7i

Lessons Learned from Blockchain Applications of Trusted Execution Environments and Implications for Future Research [article]

Rabimba Karanjai, Lei Xu, Lin Chen, Fengwei Zhang, Zhimin Gao, Weidong Shi
2022 arXiv   pre-print
Modern computer systems tend to rely on large trusted computing bases (TCBs) for operations.  ...  The promise of integrity and security has driven developers to adopt it for use cases involving access control, PKS, IoT among other things.  ...  non-vulnerable cryptography libraries resistant to cache side-channel attacks; and (iii) applying Zigzagger compiler to reduce control flow footprint.  ... 
arXiv:2203.12724v1 fatcat:gnimklb73ba6vj767wn7aaybay
« Previous Showing results 1 — 15 out of 21,954 results