SECURITY OF VIRTUAL MACHINES IN CLOUD
ENVIRONMENTRohit Kugaonkar
CMSC 601 Spring 2011May 9th 2011
http://res.sys-con.com/story/dec09/1225058/Cloud%20security%20226.jpg
Cloud Computing
“Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction”.
- The NIST Definition of Cloud Computing
http://csrc.nist.gov/publications/drafts/800-145/Draft-SP-800-145_cloud-definition.pdf
"Cloud Security and Privacy'',O'Reilly
Cloud framework and charactersitcs
On-Demand service Pay only for actual
usage Shared resources Rapid elasticity Virtualization Advanced Security
Top security concerns in cloud computing
Insecure programming interfaces or APIs Threat from inside employees Data Protection Identity and access management Shared Technology issues
Hypervisor security Cross-side channel attacks between VMs
XEN hypervisor archietecture
http://vzxen.com/images/xen-hypervisor.png
Cross VM side channel attacks
Virtual machines share the physical memory, CPU cycles, network buffers, DRAM of the physical machine
Attack on Amazon EC2 web services: Researchers from MIT and University of California explained in their paper “Hey,You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds”
Cross VM side channel attacks continued…
Attacks takes place in two steps:1. Placement of attacker virtual machine on the
same physical machine.2. Exploiting the shared resources.
CPU cache leakage attack Measure load of the other virtual web server Extract AES and RSA keys.
Keystrokes timing analysis Extract user passwords from SSH terminal.
Related work
D. A. Osvik, A. Shamir, and E. Tromer, “Cache attacks and countermeasures: the case of AES”.
D. Page, “Theoretical use of cache memory as a cryptanalytic side-channel”.
D. Page, “Defending against cache-based side-channel attacks”.
D. Page, “Partitioned cache architecture as a side-channel defense mechanism”.
E. Tromer, D. A. Osvik, and A. Shamir, "Efficient cache attacks on AES, and countermeasures
Related work continued…
Dawn Xiaodong Song, David Wagner, Xuqing Tian, ``Timing Analysis of Keystrokes and Timing Attacks on SSH'‘.
Cloud service providers:“Securing Microsoft's Cloud Infrastructure", Microsoft Global Foundation Services.
“Amazon Web Services: Overview of Security Processes"
Proposed approach
Dividing the security mechanism in 2 components.
Customized operating system image. A light weight process running on each of
the virtual machines. Collect security logs or any malicious
behavior from each of the virtual machines and send it for analysis to dedicated machine.
Proposed approach continued…
Analysis part will be performed at dedicated machine/s.
Analysis of the security logs in real time. Looking for the same cache memory
access pattern! Routing all the web server traffic through
these dedicated machines. Real time fixing of any tampering on VMs. Wiping out cache only when attack pattern
is detected by the dedicated machine.
Future work
Hypervisor security. Security mechanism to protect against
keystroke based timing attacks.
http://blog.llnw.com/wp-content/uploads/2010/04/cloud-question.png
References
Thomas Ristenpart , Eran Tromer , Hovav Shacham and Stefan Savage ``Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds’’.
Tim Mather, Subra Kumaraswamy, Shahed Latif, ``Cloud Security and Privacy'',O'Reilly publication.
D. A. Osvik, A. Shamir, and E. Tromer, “Cache attacks and countermeasures: the case of AES”,
D. Page, “Theoretical use of cache memory as a cryptanalytic side-channel”,
D. Page, “Defending against cache-based side-channel attacks. D. Page, “Partitioned cache architecture as a side-channel
defense mechanism”. E. Tromer, D. A. Osvik, and A. Shamir, "Efficient cache attacks
on AES, and countermeasures“. Dawn Xiaodong Song, David Wagner, Xuqing Tian, ``Timing
Analysis of Keystrokes and Timing Attacks on SSH”.
Top Related