A Covert Channel Using Event Channel State on Xen Hypervisor

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8233)


Covert channel between virtual machines is one of serious threats to cloud computing, since it will break the isolation of guest OSs. Even if a lot of work has been done to resist covert channels, new covert channels still emerge in various manners. In this paper, we introduce event channel mechanism in detail. Then we develop a covert channel called CCECS(Covert Channel using Event Channel State) and implement it on Xen hypervisor. Finally we quantitatively evaluate CCECS and discuss the possible mitigation methods. Results show that it can achieve larger bit rate than most existing covert channels.


Covert Channel Virtualization Event Channel 


  1. 1.
    Chen, Y., Paxson, V., Katz, R.H.: What’s New About Cloud Computing Security? Technical report, UCB/EECS-2010-5, EECS Department, University of California, Berkeley (2010)Google Scholar
  2. 2.
    Reuben, J.S.: A survey on virtual machine security. In: Security of the End Hosts on the Internet, Seminar on Network Security Autumn 2007. Helsinki University of Technology Telecommunications Software and Multimedia Laboratory (2007)Google Scholar
  3. 3.
    U. D. of Defense: Trusted Computing System Evaluation Criteria. DoD 5200.28-STD, Washington (1985)Google Scholar
  4. 4.
    Wang, Z., Lee, R.B.: Covert and Side Channels Due to Processor Architecture. In: Proceedings of the 22nd Annual Computer Security Applications Conference, Washington, pp. 473–482 (2006)Google Scholar
  5. 5.
    Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, New York, pp. 199–212 (2009)Google Scholar
  6. 6.
    Xu, Y., Bailey, M., Jahanian, F., Joshi, K., Hiltunen, M., Schlichting, R.: An exploration of L2 cache covert channels in virtualized environments. In: Proceedings of the 3rd ACM Workshop on Cloud Computing Security Workshop, New York, pp. 29–40 (2011)Google Scholar
  7. 7.
    Wu, Z., Xu, Z., Wang, H.: Whispers in the hyper-space: high-speed covert channel attacks in the cloud. In: Proceedings of the 21st USENIX Conference on Security Symposium, Berkeley, p. 9 (2012)Google Scholar
  8. 8.
    Okamura, K., Oyama, Y.: Load-based covert channels between Xen virtual machines. In: Proceedings of the 2010 ACM Symposium on Applied Computing, New York, pp. 173–180 (2010)Google Scholar
  9. 9.
    Li, Y., Shen, Q., Zhang, C., Sun, P., Chen, Y., Qing, S.: A Covert Channel Using Core Alternation. In: Proceedings of the 2012 26th International Conference on Advanced Information Networking and Applications Workshops, Washington, pp. 324–328 (2012)Google Scholar
  10. 10.
    Wu, J., Ding, L., Wang, Y., Han, W.: Identification and Evaluation of Sharing Memory Covert Timing Channel in Xen Virtual Machines. In: Proceedings of the 2011 IEEE 4th International Conference on Cloud Computing, Washington, pp. 283–291 (2011)Google Scholar
  11. 11.
    Xiao, J., Xu, Z., Huang, H., Wang, H.: POSTER: A covert channel construction in a virtualized environment. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, New York, pp. 1040–1042 (2012)Google Scholar
  12. 12.
    Salaün, M.: Practical overview of a xen covert channel. J. Comput. Virol. 6, 317–328 (2010)CrossRefGoogle Scholar
  13. 13.
    Ranjith, P., Priya, C., Shalini, K.: On covert channels between virtual machines. J. Comput. Virol. 8, 85–97 (2012)CrossRefGoogle Scholar
  14. 14.
    Barham, P., Dragovic, B., Fraser, K., Hand, S., Harris, T., Ho, A., Neugebauer, R., Pratt, I., Warfield., A.: Xen and the art of virtualization. In: Proceedings of the Nineteenth ACM Symposium on Operating Systems Principles, New York, pp. 164–177 (2003)Google Scholar
  15. 15.
    Amazon Elastic Compute Cloud (EC2),
  16. 16.
    Zhang, Y., Juels, A., Oprea, A., Reiter, M.K.: Homealone: Co-residency detection in the cloud via side-channel analysis. In: Proceedings of the 2011 IEEE Symposium on Security and Privacy, Washington, pp. 313–328 (2011)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2013

Authors and Affiliations

  1. 1.School of Software and MicroelectronicsPeking UniversityBeijingChina
  2. 2.MoE Key Lab of Network and Software AssurancePeking UniversityBeijingChina
  3. 3.Institue of SoftwareChinese Academy of SciencesBeijingChina

Personalised recommendations