Abstract
Virtualization has been wide used for serving the ever growing computing demand, allowing cloud providers to instantiate multiple virtual machines (VMs) on a single set of physical resources. Customers use this shared resources without warned about the possibility of extracting or manipulating their sensitive data by an attacker who can co-resident his malicious VM with the target one. This paper presents the Co-residence Detection Technique (CDT), a method to analyze how attackers can co-resident with a target VM. Our method consists of three parts: (a) cartography cloud (b) co-residence test and (c) request for migration. We used Amazon EC2, GCE and Microsoft Azure as a case study to demonstrate that is possible to scan the local network and confirm co-residency with a target VM instance by using the network commands.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
AbdelSalam, A.M., Elkilani, W.S., Amin, K.M.: An automated approach for preventing ARP spoofing attack using static ARP entries. (JACSA) Int. J. Adv. Comput. Sci. Appl. 5(1) (2004)
Srinath, D., Panimalar, S., JerrinSimla, A., Deepa, J.: Detection and prevention ofARP spoofing using centralized server. Int. J. Comput. Appl. 113(19) (2015). (0975 –8887)
Boukhriss, H., Mohammed, A.A., Hedabou, M.: New technique of localization a targeted virtual machine in a cloud platform. In: Proceedings 5th Workshop on Codes, Cryptography and Communication Systems, WCCCS 2014 (2014)
Upton, D.: Detection and subversion of virtual machines. University of Virginia, CS 851 - Virtual Machine (2006)
Zou, C.C., Cunningham, R.: Honeypot-aware advanced botnet construction and maintenance. In: International Conference on Dependable Systems and Networks DSN 2006 (2006)
Wang, P., Wu, L., Cunningham, R., Zou, C.C.: Honeypot detection in advanced botnet attacks. Int. J. Inf. Comput. Secur. 4(1), 30–51 (2010)
Del Pozo, S.M., Standaert, F.X., Kamel, D., Moradi, A.: Side-channel attacks from static power: when should we care? In: Proceedings of the 2015 Design, Automation & Test in Europe Conference & Exhibition, pp. 145–150 (2015)
Zhou, F.F., Goel, M., Desnoyers, P., Sundaram, R.: Scheduler vulnerabilities and coordinated attacks in cloud computing. In: Proceedings of Tenth IEEE International Symposium on Network Computing and Applications (NCA 2011), pp. 123–130 (2011)
Varadarajan, V., Kooburat, T., Farley, B., Ristenpart, T., Swift, M.: Resource-freeing attacks: improve your cloud performance (at Your Neighbors Expense). In: Proceedings of ACM Conference on Computer and Communications Security (CCS 2012), pp. 281–292 (2012)
Yang, Z., Fang, H., Wu, Y., Li, C., Zhao, B., Huang, H.H.: Understanding the effects of hypervisor I/O scheduling for virtual machine performance interference. In: Proceedings of Fourth IEEE International Conference on Cloud Computing Technology and Science (CloudCom 2012), pp. 34–41 (2012)
Bedi, H., Shiva, S.: Securing cloud infrastructure against co-resident DoS attacks using game theoretic defense mechanisms. In:Proceedings of International Conference on Advances in Computing, Communications and Informatics (ICACCI 2012), pp. 463–469 (2012)
Perez-Botero, D., Szefer, J., Lee, R.B.: Characterizing hypervisor vulnerabilities in cloud computing. In: Proceedings of the Workshop on Security in Cloud Computing (SCC). Princeton University, Princeton, NJ, USA (2013)
Zhao, M., Figueiredo, R.J.: Experimental study of virtual machine migration in support of reservation of cluster resources. In: Proceedings of the 2nd International Workshop on Virtualization Technology in Distributed Computing Article No. 5. Reno, Nevada (2007)
Clark, C., Fraser, K., Hand, S., Hansen, J.G., Jul, E., Limpach, C., Pratt, I., Warfield, A.: Live migration of virtual machines. In: Proceedings of the 2nd Conference on Symposium on Networked Systems Design & Implementation, vol. 2, pp. 273–286, (02–04 May 2005)
Ye, K., Jiang, X., Ma, R.: VC-migration: live migration of virtual clusters in the cloud grid computing (GRID). In: ACM/IEEE 13th International Conference (2012)
Ristenpart, T., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. ACM ‎(2009)
Zhang, Y., Oprea, A., Juels, A., Reiter, M.K.: HomeAlone: co-residency detection in the cloud via side-channel analysis. In: IEEE Symposium on Security and Privacy (SP) (2011)
Si, Y., Xiaolin, G., Jiancai, L., Xuejun, Z., Junfei, W.: Detecting VMs co-residency in the cloud: using cache-based side channels attacks. Elektronika Ir Elektrotechnika 19(5), 73–78 (2013). ISSN 1392-1215
Xu, Y., Bailey, M., Kaustubh, Joshi, F.J.K., Hiltunen, M., Schlichting, R.: .An exploration of L2 cache covert channels in virtualized environments. In: Proceedings of the 3rd ACM Workshop on Cloud Computing Security Workshop, CCSW 2011, pp. 29–40 (2011)
Sevak, B.: Security against side channel attack in cloud computing. Int. J. Eng. Adv. Technol. (IJEAT). 2(2), p. 183 (2012). ISSN: 2249 – 8958
Microsoft Azure: Cloud Computing Platform & Services. https://azure.microsoft.com/fr-fr/
Amazon Web Services (AWS) - Cloud Computing Services. https://aws.amazon.com/fr/
Compute Engine - IaaS – Google Cloud Platform. https://cloud.google.com/compute/
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG
About this paper
Cite this paper
Boukhriss, H., Hedabou, M., Boutkhoum, O. (2018). CDT to Detect Co-residence in Cloud Computing. In: Ben Ahmed, M., Boudhir, A. (eds) Innovations in Smart Cities and Applications. SCAMS 2017. Lecture Notes in Networks and Systems, vol 37. Springer, Cham. https://doi.org/10.1007/978-3-319-74500-8_29
Download citation
DOI: https://doi.org/10.1007/978-3-319-74500-8_29
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-74499-5
Online ISBN: 978-3-319-74500-8
eBook Packages: EngineeringEngineering (R0)