Abstract
Cloud computing infrastructures share hardware resources among different clients, leveraging virtualization to multiplex physical resources among several self-contained execution environments such as virtual machines or Linux containers. Isolation is a core security challenge for such a computing paradigm. It may be threatened by side-channels, created due to the sharing of physical resources like processor caches, or by mechanisms implemented in the virtualization layer. Side-channel attacks (SCAs) exploit and use such leaky channels to obtain sensitive data such as kernel information. This paper aims to clarify the nature of this threat for cloud infrastructures. Current SCAs are performed locally and exploit isolation challenges of virtualized environments to retrieve sensitive information. This paper also clarifies the concept of distributed side-channel attack (DSCA). We explore how such attacks can threaten isolation of any virtualized environments such as cloud computing infrastructures. Finally, we study a set of different applicable countermeasures for attack mitigation in cloud infrastructures.
Similar content being viewed by others
References
Merkel D (2014) Docker: lightweight Linux containers for consistent development and deployment. Linux Journal 2014(239):2
Madhavapeddy A, Mortier R, Rotsos C, Scott D, Singh B, Gazagnaire T, Smith S, Hand S, Crowcroft J (2013) Unikernels: library operating systems for the cloud. ACM SIGPLAN Not 48(4):461–472
Bazm MM, Lacoste M, Südholt M, Menaud JM (2017) Side-channels beyond the cloud edge: new isolation threats and solutions. In Cyber Security in Networking Conference (CSNet), 2017 1st (pp. 1–8). IEEE
Costan V, Devadas S (2016) Intel SGX explained. IACR Cryptology ePrint Archive 2016(086):1–118
Schwarz M, Weiser S, Gruss D, Maurice C, Mangard S (2017) Malware guard extension: Using SGX to conceal cache attacks. In international conference on detection of intrusions and malware, and vulnerability assessment. Springer, Cham, pp 3–24
Kocher Paul et al (J2018), “Spectre attacks: exploiting speculative execution”, ArXiv e-prints
Disselkoen C et al (2017) “Prime+ abort: a timer-free high-precision l3 cache attack using intel TSX.” 26th USENIX Security Symposium. USENIX Security 17, Vancouver
Demme J, Martin R, Waksman A, Sethumadhavan S (2012) SideChannel vulnerability factor: a metric for measuring information leakage. ACM SIGARCH Computer Architecture News 40(3):106–117
Arcangeli A, Eidus I, Wright C (2009) Increasing memory density by using KSM. In Proceedings of the linux symposium (pp. 19–28)
Suzaki K, Iijima K, Yagi T, Artho C (2011) Memory deduplication as a threat to the guest OS. In Proceedings of the Fourth European Workshop on System Security (p. 1). ACM
Apecechea GI, Eisenbarth T, Sunar B (2014) Jackpot stealing information from large caches via huge pages, Cryptology ePrint Archive 2014/970
Weiß M, Heinz B, Stumpf F (2012) A cache timing attack on AES in virtualization environments. In: in International Conference on Financial Cryptography and Data Security. Springer, pp 314–328
Acıiçmez O, Schindler W, Koç ÇK (2007) Cache based remote timing attack on the AES. In Cryptographers’ Track at the RSA Conference (pp. 271-286). Springer, Berlin
Tsunoo Y, Saito T, Suzaki T, Shigeri M, Miyauchi H (2003) Cryptanalysis of DES implemented on computers with cache. In: International Workshop on Cryptographic Hardware and Embedded Systems. Springer, pp 62–76
Gruss D, Maurice C, Wagner K, & Mangard S (2016) Flush+ Flush: a fast and stealthy cache attack. In International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (pp. 279-299). Springer, Cham
Yarom Y, Falkner K (2014) FLUSH+ RELOAD: a high resolution, low noise, L3 cache sidechannel Attack. In USENIX Security Symposium (Vol. 1, pp. 22–25)
Aciiçmez O, Koç ÇK (2006) Trace-driven cache attacks on AES (short paper). In : International Conference on Information and Communications Security. Springer, Berlin, p 112–121
Gallais J-F, Kizhvatov I, Tunstall M (2010) Improved trace-driven cachecollision attacks against embedded AES implementations. In : International Workshop on Information Security Applications. Springer, Berlin, p 243–257
Ristenpart T, Tromer E, Shacham H et al (2009) Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In : Proceedings of the 16th ACM conference on Computer and communications security. ACM, p 199–212
Spreitzer R, Plos T (2013) Cache-access pattern attack on disaligned aes t-tables. In: International Workshop on Constructive Side-Channel Analysis and Secure Design. Springer, Berlin, p 200–214
Lipp M, Schwarz M, Gruss D et al (2018) Meltdown: reading kernel memory from user space. In : 27th {USENIX} Security Symposium ({USENIX} Security 18). p 973–990
Zhang W, Jia X, Wang C, Zhang S, Huang Q, Wang M, Liu P (2016) A comprehensive study of co-residence threat in multi-tenant public paas clouds. In International Conference on Information and Communications Security (pp. 361–375). Springer, Cham
Delimitrou C, Kozyrakis C (2017) Bolt: I know what you did last summer... in the cloud. In: ACM SIGARCH Computer Architecture News. ACM, p 599–613
Varadarajan V, Zhang Y, Ristenpart T, Swift MM (2015) A placement vulnerability study in multi-tenant public clouds. In USENIX Security Symposium (pp. 913–928)
Payer M (2016) HexPADS: a platform to detect “stealth” attacks. In : International Symposium on Engineering Secure Software and Systems. Springer, Cham, p 138–154
Zhang T, Zhang Y, Lee RB (2016) Cloudradar: a real-time side-channel attack detection system in clouds. In : International Symposium on Research in Attacks, Intrusions, and Defenses. Springer, Cham, p 118–140
Chiappetta M, Savas E, Yilmaz C (2016) Real time detection of cache-based side-channel attacks using hardware performance counters. Appl Soft Comput 49:1162–1174
Bazm M-M, Sautereau T, Lacoste M, Südholt M, Menaud J-M (2018) Cache-based side-channel attacks detection through Intel Cache Monitoring Technology and Hardware Performance Counters. 3rd IEEE International Conference on Fog and Mobile Edge Computing (FMEC), Barcelona
Intel’s Cache Monitoring Technology: Use models and data, https://software.intel.com/enus/blogs/2014/12/11/intels-cache-monitoring-technology-use-models-and-data, 2014
Gopal V, Guilford J, Ozturk E, Feghali W, Wolrich G, Dixon M (2009) Fast and constant-time implementation of modular exponentiation. Embedded Systems and Communications Security, Niagara Falls, NY, US
Rivain M, Prouff E (2010) Provably secure higher-order masking of AES. In: International Workshop on Cryptographic Hardware and Embedded Systems. Springer, pp 413–427
Osvik DA, Shamir A, Tromer E (2006) Cache attacks and countermeasures: the case of AES. In: Pointcheval D (ed) Topics in cryptology – CT-RSA 2006. CT-RSA 2006. Lecture notes in computer science, vol 3860. Springer, Berlin
Barthe G, Rezk T, Warnier M (2006) Preventing timing leaks through transactional branching instructions. Electronic Notes in Theoretical Computer Science 153(2):33–55
Cleemput JV, Coppens B, De Sutter B (2012) Compiler mitigations for time attacks on modern x86 processors. ACM Transactions on Architecture and Code Optimization (TACO) 8(4):23
Coppens B, Verbauwhede I, De Bosschere K, De Sutter B (2009) Practical mitigations for timing-based side-channel attacks on modern x86 processors. In: 30th IEEE Symposium on Security and Privacy. IEEE, pp 45–60
Zhang Y, Reiter MK (2013) Düppel: retrofitting commodity operating systems to mitigate cache side channels in the cloud. In : Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security. ACM, p 827–838
Kim T, Peinado M, Mainar-Ruiz G (2012) STEALTHMEM: system-level protection against cache-based side channel attacks in the cloud. In : Proceedings of the 21st USENIX conference on Security symposium. USENIX Association, p 11–11
Gens D, Arias O, Sullivan D, Liebchen C, Jin Y, Sadeghi AR (2017) LAZARUS: practical side-channel resilient kernel-space randomization. In International Symposium on Research in Attacks, Intrusions, and Defenses (pp. 238–258). Springer, Cham
Gruss D, Lipp M, Schwarz M, Fellner R, Maurice C, Mangard S (2017) KASLR is dead: long live KASLR. In: International Symposium on Engineering Secure Software and Systems. Springer, Cham, pp 161–176
Zhang Y, Li M, Bai K, Yu M, Zang W (2012) Incentive compatible moving target defense against VM-colocation attacks in clouds. In: IFIP International Information Security Conference. Springer, pp 388–399
Varadarajan V, Ristenpart T, Swift MM (2014) Scheduler-based defenses against cross-vM side-channels. In : USENIX Security Symposium, p 687–702
Jin X, Chen H, Wang X, Wang Z, Wen X, Luo Y, Li X (2009) A simple cache partitioning approach in a virtualized environment. In Parallel and Distributed Processing with Applications, 2009 IEEE International Symposium on (pp. 519-524). IEEE
Shi J, Song X, Chen H, Zang B (2011) Limiting cache-based side-channel in multi-tenant cloud using dynamic page coloring. In Dependable Systems and Networks Workshops (DSN-W), 2011 IEEE/IFIP 41st International Conference on (pp. 194-199). IEEE
Vattikonda BC, Das S, Shacham H (2011) Eliminating fine grained timers in Xen. In : Proceedings of the 3rd ACM workshop on Cloud computing security workshop. ACM, p 41–46
Zhuang R, Deloach SA, Ou X (2014) Towards a theory of moving target defense. In : Proceedings of the First ACM Workshop on Moving Target Defense. ACM, p 31–40
Kong J, Aciicmez O, Seifert JP, Zhou H (2008) Deconstructing new cache designs for thwarting software cache-based side channel attacks. In Proceedings of the 2nd ACM workshop on Computer security architectures (pp. 25–34). ACM
Liu F, Ge Q, Yarom Y, Mckeen F, Rozas C, Heiser G, Lee RB (2016) Catalyst: Defeating last-level cache side channel attacks in cloud computing. In High Performance Computer Architecture (HPCA), 2016 IEEE International Symposium on (pp. 406-418). IEEE
INTEL, C. A. T (2015) Improving real-time performance by utilizing cache allocation technology. Intel Corporation
Wright M, Venkatesan S, Albanese M, Wellman MP (2016) Moving target defense against ddos attacks: An empirical game-theoretic analysis. In Proceedings of the 2016 ACM Workshop on Moving Target Defense (pp. 93–104). ACM
Moon S-J, Sekar V, Reiter MK (2015) Nomad: mitigating arbitrary cloud side channels via provider-assisted migration. In : Proceedings of the 22nd acm sigsac conference on computer and communications security. ACM, p 1595–1606
Hermenier F, Lorca X, Menaud JM, Muller G, Lawall J (2009). Entropy: a consolidation manager for clusters. In Proceedings of the 2009 ACM SIGPLAN/SIGOPS international conference on Virtual execution environments (pp. 41-50). ACM
Quesnel F, Lebre A, Südholt M (2013) Cooperative and reactive scheduling in large-scale virtualized platforms with DVMS. Concurrency and Computation: Practice and Experience 25(12):1643–1655
Mills K, Filliben J, Dabrowski C (2011) Comparing vm-placement algorithms for on-demand clouds. In : Cloud Computing Technology and Science (CloudCom), 2011 IEEE Third International Conference on. IEEE, p 91–98
Denneman F (2016) NUMA deep dive part 5: ESXi VMkernel NUMA constructs, http://frankdenneman.nl/tag/numa
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Bazm, MM., Lacoste, M., Südholt, M. et al. Isolation in cloud computing infrastructures: new security challenges. Ann. Telecommun. 74, 197–209 (2019). https://doi.org/10.1007/s12243-019-00703-z
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12243-019-00703-z