Side Channels in Cloud Services: Deduplication in Cloud Storage

Harnik, Danny; Pinkas, Benny; Shulman‐Peleg, Alexandra

doi:10.1109/msp.2010.187

Cited by 417 publications

(256 citation statements)

References 6 publications

Supporting

Mentioning

255

Contrasting

Unclassified

Order By: Relevance

“…Cloud storage deduplication has a same vulnerability [8], which is exhibited on Dropbox, MozyHome, and Melpole. The attack takes advantage of the elimination of traffic, when the same file is already uploaded.…”

Section: Related Workmentioning

confidence: 96%

Implementation of a Memory Disclosure Attack on Memory Deduplication of Virtual Machines

Suzaki

Kengo

Yagi

et al. 2013

IEICE Trans. Fundamentals

View full text Add to dashboard Cite

SUMMARYMemory deduplication improves the utilization of physical memory by sharing identical blocks of data. Although memory deduplication is most effective when many virtual machines with same operating systems run on a CPU, cross-user memory deduplication is a covert channel and causes serious memory disclosure attack. It reveals the existence of an application or file on another virtual machine. The covert channel is a difference in write access time on deduplicated memory pages that are re-created by Copy-On-Write, but it has some interferences caused by execution environments. This paper indicates that the attack includes implementation issues caused by memory alignment, self-reflection between page cache and heap, and run-time modification (swap-out, anonymous pages, ASLR, preloading mechanism, and self-modification code). However, these problems are avoidable with some techniques. In our experience on KSM (kernel samepage merging) with the KVM virtual machine, the attack could detect the security level of attacked operating systems, find vulnerable applications, and confirm the status of attacked applications. key words: memory disclosure attack, virtual machine, memory deduplication

show abstract

Section: Related Workmentioning

confidence: 96%

Implementation of a Memory Disclosure Attack on Memory Deduplication of Virtual Machines

Suzaki

Kengo

Yagi

et al. 2013

IEICE Trans. Fundamentals

View full text Add to dashboard Cite

show abstract

“…Harnik et al [26] presented a number of attacks that can lead to data leakage in cloud storage system supporting client-side deduplication. They observed that only a hash value has been used in these system to realize the ownership proof to the cloud storage server.…”

Section: Related Workmentioning

confidence: 99%

Secure deduplication storage systems supporting keyword search

Chen

Xhafa

et al. 2015

Journal of Computer and System Sciences

View full text Add to dashboard Cite

Data deduplication is an attractive technology to reduce storage space for increasing vast amount of duplicated and redundant data. In a cloud storage system with data deduplication, duplicate copies of data will be eliminated and only one copy will be kept in the storage. To protect the confidentiality of sensitive data while supporting deduplication, the convergent encryption technique has been proposed to encrypt the data before outsourcing. However, the issue of keyword search over encrypted data in deduplication storage system has to be addressed for efficient data utilization. This paper firstly proposes two constructions which support secure keyword search in this scenario. In these constructions, the integrity of the data can be realized by just checking the convergent key, without other traditional integrity auditing mechanisms. Then, two extensions are presented to support fuzzy keyword search and block-level deduplication. Finally, security analysis is given.

show abstract

“…cloud backup services has become a cost effective choice for data security of personal cloud environment [8] and also for improving deduplication efficiency, Yinjin Fu, et.al [4] In this paper, introduce ALG dedupe system used for to combine local and global deduplication for maintain effectiveness. Proposed system gives the optimize performance of lookup performance and used for personal cloud environment and reduce system overload.…”

Section: Litearture Surveymentioning

confidence: 99%

A Novel Way of Deduplication Approach for Cloud Backup Services Using Block Index Caching Technique

Malhotra¹,

GHYARE²

2014

IJAREEIE

View full text Add to dashboard Cite

Data Deduplication describes approach that reduces the storage capacity needed to store data or the data has to be transfer on the network. Cloud storage has received increasing attention from industry as it offers infinite storage resources that are available on demand. Source Deduplication is useful in cloud backup that saves network bandwidth and reduces network space Deduplication is the process by breaking up an incoming stream into relatively large segments and deduplicating each segment against only a few of the most similar previous segments. To identify similar segments use block index technique The problem is that these schemes traditionally require a full chunk index, which indexes every chunk, in order to determine which chunks have already been stored unfortunately, it is impractical to keep such an index in RAM and a disk based index with one seek per incoming chunk is far too slow. In this paper we describes application based deduplication approach and indexing scheme contains block that preserved caching which maintains the locality of the fingerprint of duplicate content to achieve high hit ratio and to overcome the lookup performance and reduced cost for cloud backup services and increase dedulpication efficiency. KEYWORDS:Backup services, Caching, Data deduplication. I.INTRODUCTIONThe explosive growth of the digital data, data deduplication has gained increasing attention for its storage efficiency in backup storage systems. Today, in the context of user data sharing platforms the challenges for large scale, highly redundant internet data storage is high. Due to this redundancy storage cost is reduces. Storage for this increasingly centralized Web data can be getting by its de duplication. Data deduplication describes a class of approaches that reduce the storage capacity needed to store data or the amount of data that has to be transferred over a network. These approaches detect coarse-grained redundancies within a data set, e.g. a file system; Data deduplication not only reduces the storage space requirements by eliminating redundant data but also minimizes the network transmission of duplicate data in the network storage systems. It splits files into multiple chunks that are each uniquely identified by a hash signature called a fingerprint. It removes duplicate chunks by checking their fingerprints, which avoids byte by byte comparisons. Mainly data deduplication focused on different terms like throughput, advance chunking schemes, other type of storage capacity and clustering method and system workload.As data passes through a cache on its way to or from the storage/processing/networking device, some of the data is selectively stored in the cache. When an application or process later accesses data stored in the cache that request can be served faster from the cache than from the slower device. The more requests that can be served from cache, the faster is the overall system performance. There is a trade-off in cache cost and performance. Larger caches yield a higher cache hit rat...

show abstract

Side Channels in Cloud Services: Deduplication in Cloud Storage

Cited by 417 publications

References 6 publications

Implementation of a Memory Disclosure Attack on Memory Deduplication of Virtual Machines

Implementation of a Memory Disclosure Attack on Memory Deduplication of Virtual Machines

Secure deduplication storage systems supporting keyword search

A Novel Way of Deduplication Approach for Cloud Backup Services Using Block Index Caching Technique

Contact Info

Product

Resources

About