Filters








200 Hits in 5.9 sec

Practical overview of a Xen covert channel

Mickaël Salaün
2009 Journal in Computer Virology  
Thereafter, it explains how to exploit this mechanism to reach a new method of covert channel for virtual machines.  ...  Finally, experimental results show that the proof of concept can stealthily transfer data between virtual machines.  ...  So, we have a kind of communication, which can be called covert channel, between several accomplice virtual machines.  ... 
doi:10.1007/s11416-009-0131-7 fatcat:p25zas3kazdxpetoywvbgy5aou

A Review of Virtual Machine Attack Based on Xen

xun-yi Ren, yu-qi Zhou, S.A. Hamouda, M. Mirzaei, Z. Yu
2016 MATEC Web of Conferences  
Analyzing the threat with the security of virtual machine and summarizing attack about virtual machine based on XEN to predict visible security hidden recently.  ...  Base on this paper can provide a reference for the further research on the security of virtual machine. , matecconf/2016 MATEC Web of Conferences 61 6103003  ...  Attack between two VM VM to VM mode via access common source to attack, covert channel is famous in all of attack ways which implant code into physical machine because of error in process, memory and other  ... 
doi:10.1051/matecconf/20166103003 fatcat:lgj3eju4cfhdzpj22leb7ppimm

A novel covert channel detection method in cloud based on XSRM and improved event association algorithm

Lina Wang, Weijie Liu, Neeraj Kumar, Debiao He, Cheng Tan, Debin Gao
2016 Security and Communication Networks  
A novel covert channel detection method in cloud based on XSRM and improved event association algorithm.  ...  Compared to the popular statistical test methods focusing on the single covert channel, our method is capable of recognizing and detecting more covert channels in real time.  ...  A novel covert channel detection method in cloud based on XSRM and improved event association algorithm  ... 
doi:10.1002/sec.1560 fatcat:l77phb33knb4tcvgnt2luqrk3m

A Covert Channel Using Event Channel State on Xen Hypervisor [chapter]

Qingni Shen, Mian Wan, Zhuangzhuang Zhang, Zhi Zhang, Sihan Qing, Zhonghai Wu
2013 Lecture Notes in Computer Science  
Covert channel between virtual machines is one of serious threats to cloud computing, since it will break the isolation of guest OSs.  ...  Then we develop a covert channel called CCECS(Covert Channel using Event Channel State) and implement it on Xen hypervisor.  ...  In this paper, we analyze the event channel mechanism in Xen and develop a reliable covert channel to transfer information between two virtual machines.  ... 
doi:10.1007/978-3-319-02726-5_10 fatcat:xlia5kslbncd5ntvz5svhna3ha

Detecting co-residency with active traffic analysis techniques

Adam Bates, Benjamin Mood, Joe Pletcher, Hannah Pruse, Masoud Valafar, Kevin Butler
2012 Proceedings of the 2012 ACM Workshop on Cloud computing security workshop - CCSW '12  
for unauthorized access to sensitive customer information through the exploitation of covert side channels.  ...  Virtualization is the cornerstone of the developing third party compute industry, allowing cloud providers to instantiate multiple virtual machines (VMs) on a single set of physical resources.  ...  Through our use of Futuregrid, this material is based upon work supported in part by the National Science Foundation under Grant No. 0910812 to Indiana University for "FutureGrid: An Experimental, High-Performance  ... 
doi:10.1145/2381913.2381915 dblp:conf/ccs/BatesMPPVB12 fatcat:2fdzbumsbrcptjoldapjnbua6i

C2Hunter: Detection and Mitigation of Covert Channels in Data Centers [chapter]

Jingzheng Wu, Yanjun Wu, Bei Guan, Yuqi Lin, Samee U. Khan, Nasro Min-Allah, Yongji Wang
2015 Handbook on Data Centers  
They quantitatively evaluate the channel performance and develop CCCV (Covert Channels using CPU loads between Virtual machines) which creates covert channel to communicate secretly.  ...  They state that any physical machine resources multiplexed between the attacker and target may form a potentially leakage channel between the virtual machines.  ... 
doi:10.1007/978-1-4939-2092-1_32 fatcat:pzkbrxhrzffo3egsgw2vpvcvgm

Security implications of memory deduplication in a virtualized environment

Jidong Xiao, Zhang Xu, Hai Huang, Haining Wang
2013 2013 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)  
On one hand, using the artifact above, we demonstrate two new attacks to create a covert channel and detect virtualization, respectively.  ...  By merging identical memory contents, it allows more virtual machines to run concurrently on top of a hypervisor.  ...  In this paper, we have demonstrated that attackers can build a new covert channel and detect virtual machine monitors based on memory deduplication.  ... 
doi:10.1109/dsn.2013.6575349 dblp:conf/dsn/XiaoXHW13 fatcat:fslhtw5ivje5jgfnjyjzahccwy

On detecting co-resident cloud instances using network flow watermarking techniques

Adam Bates, Benjamin Mood, Joe Pletcher, Hannah Pruse, Masoud Valafar, Kevin Butler
2013 International Journal of Information Security  
unauthorized access to sensitive customer information through the exploitation of covert side channels.  ...  Virtualization is the cornerstone of the developing third-party compute industry, allowing cloud providers to instantiate multiple virtual machines (VMs) on a single set of physical resources.  ...  Through our use of Futuregrid, this material is based upon work supported in part by the National Science Foundation Under Grant No. 0910812 to Indiana University for "FutureGrid: An Experimental, High-Performance  ... 
doi:10.1007/s10207-013-0210-0 fatcat:xzpe7dvlwvf5bit53mngls3vpi

C5: Cross-Cores Cache Covert Channel [chapter]

Clémentine Maurice, Christoph Neumann, Olivier Heen, Aurélien Francillon
2015 Lecture Notes in Computer Science  
We experimentally evaluate the covert channel in native and virtualized environments. In particular, we successfully establish a covert channel between virtual machines running on different cores.  ...  We measure a bitrate of 1291bps for a native setup, and 751bps for a virtualized setup. This is one order of magnitude above previous cache-based covert channels in the same setup.  ...  Covert and side channels have been built in a native environment between two processes, and in a virtualized environment between two virtual machines.  ... 
doi:10.1007/978-3-319-20550-2_3 fatcat:jxue6hwaffhbzha7pjzzzqp7da

UVHM: Model Checking Based Formal Analysis Scheme for Hypervisors [chapter]

Yuchao She, Hui Li, Hui Zhu
2013 Lecture Notes in Computer Science  
Hypervisors act a central role in virtualization for cloud computing.  ...  Finally, the effectiveness of the method is demonstrated by detecting the vulnerability of Xen-3.3.0 in which a bug is added.  ...  For inter-domain security infringement, covert channel analysis will be adopted. Meta-flows [11] are combined to construct potential covert channels.  ... 
doi:10.1007/978-3-642-36818-9_31 fatcat:r54pedyv5nfpnn4vz7m5dzrra4

A covert channel construction in a virtualized environment

Jidong Xiao, Zhang Xu, Hai Huang, Haining Wang
2012 Proceedings of the 2012 ACM conference on Computer and communications security - CCS '12  
By exploiting this artifact, we demonstrate a new covert channel can be built in a virtualized environment.  ...  We develop a reliable covert channel to transfer information between two virtual machines.  ...  We first validate the feasibility of the memory deduplication based covert channel. We boot two virtual machines on the same hypervisor.  ... 
doi:10.1145/2382196.2382318 dblp:conf/ccs/XiaoXHW12 fatcat:whcor5kkv5fj7genvnip56b6vq

Managing the risk of covert information flows in virtual machine systems

Trent Jaeger, Reiner Sailer, Yogesh Sreenivasan
2007 Proceedings of the 12th ACM symposium on Access control models and technologies - SACMAT '07  
For example, the sHype MAC system for the Xen virtual machine monitor is part of the mainline Xen distribution.  ...  Flexible mandatory access control (MAC) enforcement is now available for virtual machine systems.  ...  resources and authorizes overt information flows between Xen VMs.  ... 
doi:10.1145/1266840.1266853 dblp:conf/sacmat/JaegerSS07 fatcat:cjnfr6d72jcmthmo2lsa4nph7m

KvmSec

Flavio Lombardi, Roberto Di Pietro
2009 Proceedings of the 2009 ACM symposium on Applied Computing - SAC '09  
machines; it can provide secure communication between each of the guests and the host; and, it can be deployed on Linux hosts and at present supports Linux guest machines.  ...  In this paper we propose an architecture (KvmSec) that is an extension to the Linux Kernel Virtual Machine aimed at increasing the security of guest virtual machines.  ...  covert channels whereas Yang [16] modifies Xen to protect user application data privacy by removing the operating system from the trusted base.  ... 
doi:10.1145/1529282.1529733 dblp:conf/sac/LombardiP09 fatcat:dmfpcxlcbvfqhjjmfycjnthnwi

C2Detector: a covert channel detection framework in cloud computing

Jingzheng Wu, Liping Ding, Yanjun Wu, Nasro Min-Allah, Samee U. Khan, Yongji Wang
2013 Security and Communication Networks  
The channels are classified into three categories, and only the category that is new to cloud computing is concerned, for example, CPU load-based, cache-based, and shared memory-based covert channels.  ...  However, a covert channel can break the isolation of the virtualization platform and leak confidential information without letting it known by virtual machines.  ...  Three categories of covert channels in Xen virtual machines. Figure 3 3 Figure 3 shows the architecture of C 2 Detector. C 2 Detector consists of two-part components.  ... 
doi:10.1002/sec.754 fatcat:t4mlcezynzczbjq3ol23ag6oea

An exploration of L2 cache covert channels in virtualized environments

Yunjing Xu, Michael Bailey, Farnam Jahanian, Kaustubh Joshi, Matti Hiltunen, Richard Schlichting
2011 Proceedings of the 3rd ACM workshop on Cloud computing security workshop - CCSW '11  
Recent exploration into the unique security challenges of cloud computing have shown that when virtual machines belonging to different customers share the same physical machine, new forms of cross-VM covert  ...  In this paper, we explore one of these threats, L2 cache covert channels, and demonstrate the limits of these this threat by providing a quantification of the channel bit rates and an assessment of its  ...  It allows developers to rent virtual machine instances from its data center in a pay-as-you-go manner. EC2 uses a customized version of Xen to support the service.  ... 
doi:10.1145/2046660.2046670 dblp:conf/ccs/XuBJJHS11 fatcat:577xdtnssng3bjnhdkrawef62a
« Previous Showing results 1 — 15 out of 200 results