Skip to main content
SpringerLink
Log in

CovertInspector: Identification of Shared Memory Covert Timing Channel in Multi-tenanted Cloud

  • Published:
International Journal of Parallel Programming Aims and scope Submit manuscript

Abstract

Memory deduplication improves the memory efficiency of common multi-tenanted cloud. Due to the cross-VM memory sharing, malicious users can mount covert channel attack to steal secret information. While this kind of attack does not break the normal restrictions, it is very hard to detect and defend. In the paper, we present the design, implementation and evaluation of CovertInspector—a VMM-based system to identify and eliminate a covert timing channel constructed on shared memory. Our proof-of-concept prototype is built on KVM and Kernel Samepage Merging (KSM), with minor modification to KVM hypervisor (about 300 LOC). Further evaluation shows that CovertInspector is able to fully identify and eliminate such kind of covert channel with tolerable impact to the performance of guest VMs.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8

Similar content being viewed by others

References

  1. Zhao, S., Lee, P.P., Lui, J., Guan, X., Ma, X., Tao, J.: Cloud-based push-styled mobile botnets: a case study of exploiting the cloud to device messaging service. In: Proceedings of the 28th Annual Computer Security Applications Conference, pp. 119–128. ACM (2012)

  2. Zhang, Y., Juels, A., Reiter, M.K., Ristenpart, T.: Cross-VM side channels and their use to extract private keys. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 305–316. ACM (2012)

  3. Lipinski, B., Mazurczyk, W., Szczypiorski, K.: Improving hard disk contention-based covert channel in cloud computing. In: Proceedings of the 2014 IEEE Symposium on Security and Privacy Workshop, pp. 100–107. IEEE (2014)

  4. Chen, Z., Dong, W., Li, H., Zhang, P.: Collaborative network security in multi-tenant data center for cloud computing. Tsinghua Sci. Technol. 19(1), 82–94 (2014)

    Article  Google Scholar 

  5. Zhu, Y., Yu, M., Hu, H., Ahn, G.J., Zhao, H.: Efficient construction of provably secure steganography under ordinary covert channels. Sci. China Inf. Sci. 55(7), 1639–1649 (2012)

    Article  MathSciNet  MATH  Google Scholar 

  6. Lampson, B.L.: A note on the confinement problem. Commun. ACM 16(10), 613–615 (1973)

    Article  Google Scholar 

  7. Cabuk, S., Brodley, C.E., Shields, C.: IP covert timing channels: design and detection. In: Proceedings of the 11th ACM Conference on Computer and Communications Security, pp. 178–187. ACM (2004)

  8. Okamura, K., Oyama, Y.: Load-based covert channels between Xen virtual machines. In: Proceedings of the 2010 ACM Symposium on Applied Computing, pp. 173–180. ACM (2010)

  9. Xu, Y., Bailey, M., Jahanian, F., Joshi, K., Hiltunen, M., Schlichting, R.: An exploration of L2 cache covert channels in virtualized environments. In: Proceedings of the 3rd ACM Workshop on Cloud Computing Security, pp. 29–40. ACM (2011)

  10. Wu, Z., Xu, Z., Wang, H.: Whispers in the hyper-space: high-speed covert channel attacks in the cloud. In: Proceedings of the 21st USENIX Conference on Security Symposium, pp. 159–173. USENIX Association (2012)

  11. Tsai, C.R., Gligor, V.D.: A bandwidth computation model for covert storage channels and its applications. In: Proceedings of the 1988 IEEE Symposium on Security and Privacy, pp. 108–121. IEEE (1988)

  12. Hu, W.M.: Lattice scheduling and covert channels. In: Proceedings of the 1992 IEEE Symposium on Security and Privacy, pp. 52–61. IEEE (1992)

  13. Bernstein, D.J.: Cache-timing attacks on AES. http://cr.yp.to/papers.html#cachetiming (2005). Accessed 10 June 2015

  14. Wang, Z., Lee, R.B.: Covert and side channels due to processor architecture. In: Proceedings of the 22nd Annual Computer Security Applications Conference, pp. 473–482. IEEE (2006)

  15. Wu, J., Ding, L., Wang, Y., Han, W.: Identification and evaluation of sharing memory covert timing channel in Xen virtual machines. In: Proceedings of the 4th International Conference on Cloud Computing, pp. 283–291. IEEE (2011)

  16. Xiao, J., Xu, Z., Huang, H., Wang, H.: Security implications of memory deduplication in a virtualized environment. In: Proceedings of the 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks, pp. 1–12. IEEE (2013)

  17. Rezaei, F., Hempel, M., Shrestha, P.L., Sharif, H.: Achieving robustness and capacity gains in covert timing channels. In: Proceedings of the 2014 IEEE International Conference on Communications, pp. 969–974. IEEE (2014)

  18. Wang, Y., Ferraiuolo, A., Suh, G.E.: Timing channel protection for a shared memory controller. In: Proceedings of the 20th International Symposium on High Performance Computer Architecture, pp. 225–236. IEEE (2014)

  19. Waldspurger, C.A.: Memory resource management in VMWare ESX server. ACM SIGOPS Oper. Syst. Rev. 36(SI), 181–194 (2002)

    Article  Google Scholar 

  20. Arcangeli, A., Eidus, I., Wright, C.: Increasing memory density by using KSM. In: Proceedings of the 2009 Ottawa Linux Symposium, pp. 19–28 (2009)

  21. Gupta, D., Lee, S., Vrable, M., Savage, S., Snoeren, A.C., Varghese, G., Voelker, G.M., Vahdat, A.: Difference engine: harnessing memory redundancy in virtual machines. Commun. ACM 53(10), 85–93 (2010)

    Article  Google Scholar 

  22. Suzaki, K., Iijima, K., Yagi, T., Artho, C.: Implementation of a memory disclosure attack on memory deduplication of virtual machines. IEICE Trans. Fundam. Electr. Commun. Comput. Sci. 96(1), 215–224 (2013)

    Article  Google Scholar 

  23. Wu, J., Ding, L., Lin, Y., Min-Allah, N., Wang, Y.: XenPump: a new method to mitigate timing channel in cloud computing. In: Proceedings of the 5th International Conference on Cloud Computing, pp. 678–685. IEEE (2012)

  24. Page fault. OSDev.org. http://wiki.osdev.org/Page_fault (2008). Accessed 10 June 2015

  25. Kang, H.: Low level design for identification of the guest OS process from VMM: KVM. http://blog.csdn.net/kanghua/article/details/1767032 (2007). Accessed 10 June 2015

  26. Smith, B., Grehan, R., Yager, T., Niemi, D. C.: Byte-unixbench: a Unix benchmark suite. http://code.google.com/p/byte-unixbench/ (2009). Accessed 10 June 2015

  27. Staelin, C.: Lmbench: an extensible micro-benchmark suite. Softw. Pract. Exp. 35(11), 1079–1105 (2005)

    Article  Google Scholar 

Download references

Acknowledgments

This work is supported by National Basic Research Program of China (973 Program) under Grant No. 2014CB340600, and National Natural Science Foundation of China under Grant No. 61370106.

Author information

Authors and Affiliations

  1. Services Computing Technology and System Lab, Cluster and Grid Computing Lab, School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, 430074, China

    Sheng Wang, Weizhong Qiang & Hai Jin

  2. Shield Lab, Huawei Technologies Co. Ltd., Shenzhen, 518129, China

    Jinfeng Yuan

Authors
  1. Sheng Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Weizhong Qiang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Hai Jin
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Jinfeng Yuan
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Weizhong Qiang.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Wang, S., Qiang, W., Jin, H. et al. CovertInspector: Identification of Shared Memory Covert Timing Channel in Multi-tenanted Cloud. Int J Parallel Prog 45, 142–156 (2017). https://doi.org/10.1007/s10766-015-0391-4

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10766-015-0391-4

Keywords

Search

Navigation