Skip to main content

Advertisement

SpringerLink
Log in

Behaviour reflects personality: detecting co-residence attacks on Xen-based cloud environments

  • Regular Contribution
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

Abstract

Cloud computing is gradually becoming the most popular option of Information Technology infrastructures. However, an important issue that has emerged through that revolution is the preservation of an adequate level of security for the infrastructure and the confrontation of malicious insiders. This paper proposes a methodology for detecting the co-residency attack in the kernel layer of a Xen-based cloud environment, using an implementation of the Smith–Waterman genetic algorithm. The proposed approach has been explored in a test bed environment, producing results that verify its effectiveness.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2

Similar content being viewed by others

References

  1. Douligeris, C., Mitrokotsa, A.: DDoS attacks and defense mechanisms: classification and state-of-the-art. Comput. Netw. 44(5), 643–666 (2004)

  2. Orgill, G.L., Romney, G.W., Bailey, M.G., Orgill, P.M.: The urgency for effective user privacy-education to counter social engineering attacks on secure computer systems. In: Proceedings of the Conference on Information Technology Education, CITC5 (2004)

  3. Krutz, R.L., Vines, R.D.: Cloud Security: A comprehensive guide to secure Cloud Computing. Wiley, New York (2010)

    Google Scholar 

  4. Catteddu, D.: Cloud computing: benefits, risks and recommendations for information security. In: Serrão, C., Aguilera, V., Cerullo, F. (eds.) Web Application Security. Communications in Computer and Information Science, vol. 72, p 17. Springer, Berlin, Heidelberg (2010)

  5. Kandias, M., Virvilis, N., Gritzalis, D.: The insider threat in cloud computing. In: Wolthusen S., et al. (eds.) Proceedings of the 6th International Conference on Critical Infrastructure Security (CRITIS-2011), pp. 95–106. Springer, Switzerland, September 2011

  6. Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: ACM CCS, Chicago (2009)

  7. Roschke, S., Cheng, F., Meinel, C.: An advanced IDS management architecture. J. Inf. Assur. Secur. 5, 246–255 (2010)

  8. http://blog.xen.org/index.php/2013/07/09/xen-4-3-0-released/

  9. Smith, T., Waterman, M.: Identification of common molecular subsequences. J. Mol. Biol. (1981)

  10. Xiao, Z., Xiao, Y.: Security and Privacy in Cloud Computing, Communications Surveys and Tutorials, vol. 99, pp. 1–17. IEEE (2012)

  11. Nmap: http://nmap.org/

  12. Hping: http://www.hping.org/

  13. Wget: http://www.gnu.org/software/wget/

  14. Bates, A.: Dtecting Cloud Co-Residency with Network Flow Watermarking Techniques. MSC Thesis, University of Oregon, September 2012

  15. Zhang, Y., Juels, A., Oprea, A., Reiter, A.: HomeAlone: co-residency detection in the cloud via side-channel analysis. Security and Privacy IEEE Symposium (2011)

  16. Mundada, Y., Ramachndran, A., Feamster, N.: SilverLine: data and network isolation for cloud services. In: Proceedings of the USENIX Workshop on Hot Topics in Cloud Computing (HotCloud) (2011)

  17. Mazzariello, C., Bifulco, R., Canonico, R.: Integrating a network IDS into an open source cloud computing environment. In: Sixth International Conference on Information Assurance and Security (2010)

  18. Schulter, A., Vieira, K., Westphal, C., Westaphal, C., Abderrrahim, S.: Intrusion detection for computational grids. In: Proceedings 2nd Internationall Conference New Technologies Mobility, and Security. IEEE Press (2008)

  19. Cheng, F., Roschke, S., Meinel, C.: Implementing IDS management on lock-keeper. In: Proceedings of 5th Information Security Practice and Experience Conference (ISPEC 09), LNCS 5451, pp. 360–371. Springer (2009)

  20. Cheng, F., Roschke, S., Meinel, C.: An advanced IDS management architecture. J. Inf. Assur. Secur. Dynamic Publishers Inc., vol. 51, pp. 246–255, Atlanta, GA 30362, USA, ISSN 1554–1010, Jan 2010

  21. Cheng, F., Roschke, S., Meinel, C.: Intrusion detection in the cloud. In: Eighth IEEE International Conference on Dependable, Autonomic and Secure Computing, China (2009)

  22. Bharadwaja, S., Sun, W., Niamat, M., Shen, F.: Collabra: axen hypervisor based collaborative intrusion detection system. In: Proceedings of the 8th International Conference on Information Technology: New Generations (ITNG 11), pp. 695–700. Las Vegas, Nev, USA (2011)

  23. Hoang, C.: Protecting Xen hypercalls. MSC thesis, University of British Columbia July (2009)

  24. Backtrack: http://www.backtrack-linux.org/

  25. Douglas, J.E.: http://www.imdb.com/name/nm0235123/bio

  26. Linux Audit: http://www.la-samhna.de/library/audit.html

  27. SED: http://linux.die.net/man/1/sed

  28. OpenSuse: http://www.opensuse.org/

  29. KVM: http://www.techopedia.com/definition/28437/kernel-based-virtual-machine-kvm

Download references

Author information

Authors and Affiliations

  1. University of Piraeus, Athens, Greece

    Nikolaos Pitropakis, Aggelos Pikrakis & Costas Lambrinoudakis

Authors
  1. Nikolaos Pitropakis
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Aggelos Pikrakis
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Costas Lambrinoudakis
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Nikolaos Pitropakis.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Pitropakis, N., Pikrakis, A. & Lambrinoudakis, C. Behaviour reflects personality: detecting co-residence attacks on Xen-based cloud environments. Int. J. Inf. Secur. 14, 299–305 (2015). https://doi.org/10.1007/s10207-014-0255-8

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-014-0255-8

Keywords

Search

Navigation