2011 IEEE Symposium on Security and Privacy 2011
DOI: 10.1109/sp.2011.31
|View full text |Cite
|
Sign up to set email alerts
|

HomeAlone: Co-residency Detection in the Cloud via Side-Channel Analysis

Abstract: Security is a major barrier to enterprise adoption of cloud computing. Physical co-residency with other tenants poses a particular risk, due to pervasive virtualization in the cloud. Recent research has shown how side channels in shared hardware may enable attackers to exfiltrate sensitive data across virtual machines (VMs). In view of such risks, cloud providers may promise physically isolated resources to select tenants, but a challenge remains: Tenants still need to be able to verify physical isolation of t… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

0
165
0

Year Published

2013
2013
2018
2018

Publication Types

Select...
6
2
2

Relationship

0
10

Authors

Journals

citations
Cited by 272 publications
(165 citation statements)
references
References 33 publications
0
165
0
Order By: Relevance
“…Bates et al [11] proposed a system where adversarial VMs introduce traffic congestion in host NICs, which is then detected by remote clients. Similarly, Zhang et al [6] designed HomeAlone, a system that detects VM placement by issuing side-channels in the L2 cache during periods of low traffic. Finally, Han et al [2] proposed VM placement strategies that defend against placement attacks, although they are not specifically geared towards public clouds.…”
Section: Related Workmentioning
confidence: 99%
“…Bates et al [11] proposed a system where adversarial VMs introduce traffic congestion in host NICs, which is then detected by remote clients. Similarly, Zhang et al [6] designed HomeAlone, a system that detects VM placement by issuing side-channels in the L2 cache during periods of low traffic. Finally, Han et al [2] proposed VM placement strategies that defend against placement attacks, although they are not specifically geared towards public clouds.…”
Section: Related Workmentioning
confidence: 99%
“…Their work for the first time opened the door for side channel attacks in the cloud setting. Two years later, Zhang et al used the cache as a tool to determine whether a user is co-located with someone else or not [52]. Just one year later, again Zhang et al managed to recover an ElGamal encryption key in a cloud scenario running XEN hypervisor when the adversary is co-located in the same core [53].…”
Section: Related Cache Side-channel Attacksmentioning
confidence: 99%
“…According to the authors, Kelihos malware causes a memory explosion for few seconds, which is not a normal behavior for traditional applications. Zhang et al [52] use machine learning to deploy a lightweight mechanism in a VM to detect the behavior of L2 cache side channel attacks performed by other VMs.…”
Section: Related Workmentioning
confidence: 99%