Recap Exploring information leakage in third- party compute clouds – Placement – Determining co-residence – Inferrence
Placement Launching test instances Determining the correlation between instance placement and IP addresses Launching many probe instances in the same availability zone
Determining co-residence Traceroute
Cross-VM information leakage Load measurement: Prime-Trigger-Probe – B: buffer of size b; s: cache line size 1.Prime: Read B at s-offset 2.Trigger: busy-loop until swapped out 3.Probe: measure the time it takes to read B again at s-offset – If it takes long – If it does not take long
Load-based co-residence detection Send http requests to a target VM Do load measurement – High – Low
Which one(s) shows co-resident?
Estimating traffic rates High traffic rates high load
Keystroke timing attack Hypothesis – On an idle machine, High load spike keystroke input Timing between high load spikes timing between keystrokes Timing between keystrokes infers password
Summary Co-residence information leak Defending against it is hard
WHAT’S NEW ABOUT CLOUD COMPUTING SECURITY?
Overview New threats New research opportunities
New threats A more reliable alternative to botnets – If cloud computing is cheaper and more reliable than botnets, use cloud Brute-forcer Resource sharing and interference – Placement, inferrence Reputation fate sharing – Spammers block other legitimate services – An FBI raid
Novel elements Protecting data and software is not enough Activity pattern needs protection as well Reputation attribution A longer trust chain Competitiveness business may co-locate
Is mutual auditability a solution? Provider audits customer’s activities Customer audits what a provider provides enables attribution of blame
New opportunities Cloud providers should offer a choice of security primitives – Granularity of virtualizations Physical machines, LANS, clouds, or datacenters Mutual auditability – Provider audits customer’s activities – Customer audits what a provider provides – enables attribution of blame Studying cloud security vulnerabilities
Next Discovering VM dependencies using CPU utilization – Question to ponder: can this technique be used a security attack?
Interesting techniques Inference technique – Auto-regressive modeling: use past samples to predict future values – Compute distances of AR models Models with similar coefficients are closer – K-mean clustering Perturbation to improve inference accuracy
Security attacks Achieving co-residence Do load measurements Figure out service correlations DoS all related services