Abstract
It can be said that a system is as secure as its most insecure component. Since the most important component of Cloud is virtualization, breaking it would mean breaking the Cloud. This is what covert channels are capable of “Covert channels” represent a concept as actual as it is old; they make use of shared resources, or even the network, to send confidential information. They are difficult to detect, especially since nowadays servers host thousands of virtual machines. However, this is not impossible. This paper demonstrates that covert channels, although a real threat to the Cloud, may still be detected with high accuracy. We also present in depth a way in which data can be transmitted between virtual machines, using the CPU load-based technique.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Alam, M., Sethi, S.: Detection of information leakage in cloud. arXiv preprint arXiv:1504.03539 (2015)
Buyya, R., et al.: High Performance Cluster Computing: Architectures and Systems, vol. 1. Prentice Hall, Upper Saddle River (1999)
Douglis, F., Krieger, O.: Virtualization. IEEE Internet Comput. 17(2), 6–9 (2013)
Dunn, P.F.: Measurement and data analysis for engineering and science (2005)
Goudar, R., Edekar, S.: Covert channels: emerged in mystery and departed in confusion. IJCSNS 11(11), 34 (2011)
Lampson, B.W.: A note on the confinement problem. Commun. ACM (1973)
Mather, T., Kumaraswamy, S., Latif, S.: Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance. O’Reilly Media, Inc. (2009)
Saltaformaggio, B., Xu, D., Zhang, X.: Busmonitor: a hypervisor-based solution for memory bus covert channels. In: Proceedings of EuroSec (2013)
Sosinsky, B.: Cloud Computing Bible, vol. 762. Wiley (2010)
Vaquero, L.M., Rodero-Merino, L., Caceres, J., Lindner, M.: A break in the clouds: towards a cloud definition. ACM SIGCOMM. Comput. Commun. Rev. 39(1), 50–55 (2008)
Wu, J., Ding, L., Wu, Y., Nasro, M.-A., Khan, S.U., Wang, Y.: C2detector: a covert channel detection framework in cloud computing. Secur. Commun. Netw. 7(3), 544–557 (2014)
Acknowledgement
This work has been funded by University Politehnica of Bucharest, through the Excellence Research Grants Program, UPB - GEX. Identifier: UPB - EXCELENŢĂ - 2016 Privacy and anonymity for Data Clouds, Contract number AU11-16-16.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Mihai, I., Leordeanu, C., Pătraşcu, A. (2017). Covert Channels Implementation and Detection in Virtual Environments. In: Yan, Z., Molva, R., Mazurczyk, W., Kantola, R. (eds) Network and System Security. NSS 2017. Lecture Notes in Computer Science(), vol 10394. Springer, Cham. https://doi.org/10.1007/978-3-319-64701-2_44
Download citation
DOI: https://doi.org/10.1007/978-3-319-64701-2_44
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-64700-5
Online ISBN: 978-3-319-64701-2
eBook Packages: Computer ScienceComputer Science (R0)