Virtualization Technology: Cross-VM Cache Side Channel Attacks make it Vulnerable
作者: Alan Litchfield , Abid Shahzad
DOI:
关键词:
摘要: Cloud computing provides an effective business model for the deployment of IT infrastructure, platform, and software services. Often, facilities are outsourced to cloud providers this offers service consumer virtualization technologies without added cost burden development. However, introduces serious threats delivery such as Denial Service (DoS) attacks, Cross-VM Cache Side Channel Hypervisor Escape Hyper-jacking. One most sophisticated forms attack is cross-VM cache side channel that exploits shared memory between VMs. A results in data leakage, cryptographic keys. Various techniques used by attackers launch presented, a critical analysis countermeasures against attacks.
arxiv.org参考文章(9)
Gorka Irazoqui, Mehmet Sinan Inci, Thomas Eisenbarth, Berk Sunar, Wait a Minute! A fast, Cross-VM Attack on AES recent advances in intrusion detection. pp. 299- 319 ,(2014) , 10.1007/978-3-319-11379-1_15
Yuval Yarom, Katrina Falkner, None, FLUSH+RELOAD: a high resolution, low noise, L3 cache side-channel attack usenix security symposium. pp. 719- 732 ,(2014)
Shruti Chhabra, V. S. Dixit, Cloud Computing: State of the Art and Security Issues ACM Sigsoft Software Engineering Notes. ,vol. 40, pp. 1- 11 ,(2015) , 10.1145/2735399.2735405
Leonid Domnitser, Aamer Jaleel, Jason Loew, Nael Abu-Ghazaleh, Dmitry Ponomarev, Non-monopolizable caches: Low-complexity mitigation of cache side channel attacks high performance embedded architectures and compilers. ,vol. 8, pp. 35- ,(2012) , 10.1145/2086696.2086714
J. Kong, O. Aciicmez, J.-P. Seifert, Huiyang Zhou, Hardware-software integrated approaches to defend against software cache-based side channel attacks high-performance computer architecture. pp. 393- 404 ,(2009) , 10.1109/HPCA.2009.4798277
Keiko Hashizume, David G Rosado, Eduardo Fernández-Medina, Eduardo B Fernandez, An analysis of security issues for cloud computing Journal of Internet Services and Applications. ,vol. 4, pp. 5- ,(2013) , 10.1186/1869-0238-4-5
Xinxin Jin, Haogang Chen, Xiaolin Wang, Zhenlin Wang, Xiang Wen, Yingwei Luo, Xiaoming Li, A Simple Cache Partitioning Approach in a Virtualized Environment international symposium on parallel and distributed processing and applications. pp. 519- 524 ,(2009) , 10.1109/ISPA.2009.47
Xin-jie Zhao, Tao Wang, Improved Cache Trace Attack on AES and CLEFIA by Considering Cache Miss and S-box Misalignment. IACR Cryptology ePrint Archive. ,vol. 2010, pp. 56- ,(2010)
Naomi Benger, Yuval Yarom, Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack. IACR Cryptology ePrint Archive. ,vol. 2014, pp. 140- ,(2014)