Co-location Detection on the Cloud

Mehmet Sinan Inci; Berk Gulmezoglu; Thomas Eisenbarth; Berk Sunar

doi:10.1007/978-3-319-43283-0_2

Co-location Detection on the Cloud

Mehmet Sinan Inci, Berk Gulmezoglu, Thomas Eisenbarth, Berk Sunar

Institut für IT-Sicherheit

Worcester Polytechnic Institute

Abstract

In this work we focus on the problem of co-location as a first step of conducting Cross-VM attacks such as Prime and Probe or Flush+Reload in commercial clouds. We demonstrate and compare three co-location detection methods namely, cooperative Last-Level Cache (LLC) covert channel, software profiling on the LLC and memory bus locking. We conduct our experiments on three commercial clouds, Amazon EC2, Google Compute Engine and Microsoft Azure. Finally, we show that both cooperative and non-cooperative co-location to specific targets on cloud is still possible on major cloud services.

Originalsprache	Englisch
Titel	Constructive Side-Channel Analysis and Secure Design
Redakteure/-innen	François-Xavier Standaert, Elisabeth Oswald
Seitenumfang	16
Band	9689
Herausgeber (Verlag)	Springer Verlag
Erscheinungsdatum	23.07.2016
Seiten	19-34
ISBN (Print)	978-3-319-43282-3
ISBN (elektronisch)	978-3-319-43283-0
DOIs	https://doi.org/10.1007/978-3-319-43283-0_2
Publikationsstatus	Veröffentlicht - 23.07.2016
Veranstaltung	7th International Workshop on Constructive Side-Channel Analysis and Secure Design - Graz, Österreich Dauer: 14.04.2016 → 15.04.2016

UN SDGs

Dieser Output leistet einen Beitrag zu folgendem(n) Ziel(en) für nachhaltige Entwicklung

Dokumente

10.1007/978-3-319-43283-0_2

https://eprint.iacr.org/2016/284.pdf

Zitieren

@inproceedings{0393eb50240044c7afae189e78c309bd,

title = "Co-location Detection on the Cloud",

abstract = "In this work we focus on the problem of co-location as a first step of conducting Cross-VM attacks such as Prime and Probe or Flush+Reload in commercial clouds. We demonstrate and compare three co-location detection methods namely, cooperative Last-Level Cache (LLC) covert channel, software profiling on the LLC and memory bus locking. We conduct our experiments on three commercial clouds, Amazon EC2, Google Compute Engine and Microsoft Azure. Finally, we show that both cooperative and non-cooperative co-location to specific targets on cloud is still possible on major cloud services.",

author = "Inci, {Mehmet Sinan} and Berk Gulmezoglu and Thomas Eisenbarth and Berk Sunar",

year = "2016",

month = jul,

day = "23",

doi = "10.1007/978-3-319-43283-0_2",

language = "English",

isbn = "978-3-319-43282-3",

volume = "9689",

series = "Lecture Notes in Computer Science",

publisher = "Springer Verlag",

pages = "19--34",

editor = "Standaert, {Fran{\c c}ois-Xavier } and Oswald, {Elisabeth }",

booktitle = "Constructive Side-Channel Analysis and Secure Design",

note = "7th International Workshop on Constructive Side-Channel Analysis and Secure Design, COSADE 2016 ; Conference date: 14-04-2016 Through 15-04-2016",

}

Inci, MS, Gulmezoglu, B, Eisenbarth, T & Sunar, B 2016, Co-location Detection on the Cloud. in F-X Standaert & E Oswald (Hrsg.), Constructive Side-Channel Analysis and Secure Design. Bd. 9689, Lecture Notes in Computer Science, Bd. 9689, Springer Verlag, S. 19-34, 7th International Workshop on Constructive Side-Channel Analysis and Secure Design, Graz, Österreich, 14.04.16. https://doi.org/10.1007/978-3-319-43283-0_2

Co-location Detection on the Cloud. / Inci, Mehmet Sinan; Gulmezoglu, Berk; Eisenbarth, Thomas et al.
Constructive Side-Channel Analysis and Secure Design. Hrsg. / François-Xavier Standaert; Elisabeth Oswald. Band 9689 Springer Verlag, 2016. S. 19-34 (Lecture Notes in Computer Science; Band 9689).

Publikation: Kapitel in Büchern/Berichten/Konferenzbänden › Konferenzbeitrag › Begutachtung

TY - GEN

T1 - Co-location Detection on the Cloud

AU - Inci, Mehmet Sinan

AU - Gulmezoglu, Berk

AU - Eisenbarth, Thomas

AU - Sunar, Berk

PY - 2016/7/23

Y1 - 2016/7/23

N2 - In this work we focus on the problem of co-location as a first step of conducting Cross-VM attacks such as Prime and Probe or Flush+Reload in commercial clouds. We demonstrate and compare three co-location detection methods namely, cooperative Last-Level Cache (LLC) covert channel, software profiling on the LLC and memory bus locking. We conduct our experiments on three commercial clouds, Amazon EC2, Google Compute Engine and Microsoft Azure. Finally, we show that both cooperative and non-cooperative co-location to specific targets on cloud is still possible on major cloud services.

AB - In this work we focus on the problem of co-location as a first step of conducting Cross-VM attacks such as Prime and Probe or Flush+Reload in commercial clouds. We demonstrate and compare three co-location detection methods namely, cooperative Last-Level Cache (LLC) covert channel, software profiling on the LLC and memory bus locking. We conduct our experiments on three commercial clouds, Amazon EC2, Google Compute Engine and Microsoft Azure. Finally, we show that both cooperative and non-cooperative co-location to specific targets on cloud is still possible on major cloud services.

U2 - 10.1007/978-3-319-43283-0_2

DO - 10.1007/978-3-319-43283-0_2

M3 - Conference contribution

SN - 978-3-319-43282-3

VL - 9689

T3 - Lecture Notes in Computer Science

SP - 19

EP - 34

BT - Constructive Side-Channel Analysis and Secure Design

A2 - Standaert, François-Xavier

A2 - Oswald, Elisabeth

PB - Springer Verlag

T2 - 7th International Workshop on Constructive Side-Channel Analysis and Secure Design

Y2 - 14 April 2016 through 15 April 2016

ER -

Co-location Detection on the Cloud

Abstract

UN SDGs

Dokumente

Fingerprint

Zitieren