Abstract
We introduce an e ective technique that exploits logical chan- nels for malicious co-location and target identi cation on Microsoft Azure cloud instances. Speci cally, we employ two co-location scenarios: targeted co-location with a spe- ci c victim or co-location with subsequent identi cation of victims of interest. We develop a novel, noise-resistant co- location detection method through the network channel that provides fast, reliable results with no cooperation from the victim. Also, our method does not require access to the victim instance neither as a legitimate user nor a malicious attacker.
The ecacy of the proposed technique enables practical QoS degradation attacks which are easy and cheap to im- plement yet hard to discover. The slightest performance degradation in web interfaces or time critical applications can result in signi cant nancial losses. To this end, we show that once co-located, a malicious instance can use memory bus locking to render the victim server unusable to the cus- tomers. This work underlines the need for cloud service providers to apply stronger isolation techniques.
The ecacy of the proposed technique enables practical QoS degradation attacks which are easy and cheap to im- plement yet hard to discover. The slightest performance degradation in web interfaces or time critical applications can result in signi cant nancial losses. To this end, we show that once co-located, a malicious instance can use memory bus locking to render the victim server unusable to the cus- tomers. This work underlines the need for cloud service providers to apply stronger isolation techniques.
Original language | English |
---|---|
Title of host publication | Proceedings of the 32nd Annual Conference on Computer Security Applications |
Number of pages | 12 |
Place of Publication | New York, NY, USA |
Publisher | ACM |
Publication date | 12.2016 |
Pages | 436-447 |
ISBN (Print) | 978-1-4503-4771-6 |
DOIs | |
Publication status | Published - 12.2016 |
Event | Proceedings of the 32nd Annual Conference on Computer Security Applications - Los Angeles, United States Duration: 05.12.2016 → 09.12.2016 |