Whispers in the Cloud - A Covert Channel using the Result of Creating a Virtual Machine

Cong Li, Qingni Shen, Kang Chen, Yahui Yang, Zhonghai Wu

Abstract

With the widespread use of cloud computing, people pay more attention to the security of cloud platforms. For the case of some clouds, users are permitted to use the services, but they cannot communicate with each other in the same cloud. In this paper, we present a new kind of user-level covert channel which we called CCRCVM (Covert Channel using the Result of Creating a Virtual Machine). This covert channel exists in OpenStack, which we have confirmed. This covert channel takes advantage of the result of creating a virtual machine to make the users communicate. First of all, we describe the threat scenario of this covert channel. Then, we describe the theory and communication process of the covert channel. Afterwards, we implement the covert channel in our own OpenStack environment. We also measure the bandwidth and communication accuracy of this covert channel in many times. Finally, we discuss how to mitigate and eliminate this channel.

References

  1. Alarifi, S. S., & Wolthusen, S. D. (2012, December). Detecting anomalies in IaaS environments through virtual machine host system call analysis. In Internet Technology And Secured Transactions, 2012 International Conference for (pp. 211-218). IEEE.
  2. Bijon, K., Krishnan, R., & Sandhu, R. (2015, June). Mitigating Multi-Tenancy Risks in IaaS Cloud Through Constraints-Driven Virtual Resource Scheduling. In Proceedings of the 20th ACM Symposium on Access Control Models and Technologies (pp. 63-74). ACM.
  3. Han, Y., Chan, J., Alpcan, T., & Leckie, C. (2014, June). Virtual machine allocation policies against co-resident attacks in cloud computing. In Communications (ICC), 2014 IEEE International Conference on (pp. 786-792). IEEE.
  4. Jaeger, T., Sailer, R., & Sreenivasan, Y. (2007, June). Managing the risk of covert information flows in virtual machine systems. In Proceedings of the 12th ACM symposium on Access control models and technologies (pp. 81-90). ACM.
  5. Lampson, B. W. (1973). A note on the confinement problem. Communications of the ACM, 16(10), 613- 615.
  6. Li, Y., Shen, Q., Zhang, C., Sun, P., Chen, Y., & Qing, S. (2012, March). A covert channel using core alternation. In Advanced Information Networking and Applications Workshops (WAINA), 2012 26th International Conference on (pp. 324-328). IEEE.
  7. Meade, F. G. G. (1993). A guide to understanding covert channel analysis of trusted systems. NCSC4TG4030 National computer security center, Maryland university.
  8. Okamura, K., & Oyama, Y. (2010, March). Load-based covert channels between Xen virtual machines. In Proceedings of the 2010 ACM Symposium on Applied Computing (pp. 173-180). ACM.
  9. Percival, C. (2005). Cache missing for fun and profit.
  10. Pitropakis, N., Lambrinoudakis, C., & Geneiatakis, D. (2015). Till All Are One: Towards a Unified Cloud IDS. In Trust, Privacy and Security in Digital Business (pp. 136-149). Springer International Publishing.
  11. Reuben, J. S. (2007). A survey on virtual machine security. Helsinki University of Technology, 2, 36.
  12. Ristenpart, T., Tromer, E., Shacham, H., & Savage, S. (2009, November). Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In Proceedings of the 16th ACM conference on Computer and communications security (pp. 199-212). ACM.
  13. Shah, G., Molina, A., & Blaze, M. (2006, July). Keyboards and Covert Channels. In USENIX Security.
  14. Shen, Q., Wan, M., Zhang, Z., Zhang, Z., Qing, S., & Wu, Z. (2013). A covert channel using event channel state on xen hypervisor. In Information and Communications Security (pp. 125-134). Springer International Publishing.
  15. Tsai, C. R., & Gligor, V. D. (1988, April). A bandwidth computation model for covert storage channels and its applications. In Security and Privacy, 1988. Proceedings., 1988 IEEE Symposium on (pp. 108-121). IEEE.
  16. Varadarajan, V., Zhang, Y., Ristenpart, T., & Swift, M. (2015, August). A placement vulnerability study in multi-tenant public clouds. In 24th USENIX Security Symposium (USENIX Security 15)(Washington, DC (pp. 913-928).
  17. Vleck, T. V. (1990). Timing channels. Poster session. In IEEE TCSP conference.
  18. Wu, J., Ding, L., Wang, Y., & Han, W. (2011, July). Identification and evaluation of sharing memory covert timing channel in Xen virtual machines. In Cloud Computing (CLOUD), 2011 IEEE International Conference on (pp. 283-291). IEEE.
  19. Wu, Z., Xu, Z., & Wang, H. (2014). Whispers in the hyperspace: high-bandwidth and reliable covert channel attacks inside the cloud.
  20. Xu, Y., Bailey, M., Jahanian, F., Joshi, K., Hiltunen, M., & Schlichting, R. (2011, October). An exploration of L2 cache covert channels in virtualized environments. In Proceedings of the 3rd ACM workshop on Cloud computing security workshop (pp. 29-40). ACM.
Download


Paper Citation


in Harvard Style

Li C., Shen Q., Chen K., Yang Y. and Wu Z. (2016). Whispers in the Cloud - A Covert Channel using the Result of Creating a Virtual Machine . In Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-167-0, pages 380-387. DOI: 10.5220/0005739403800387


in Bibtex Style

@conference{icissp16,
author={Cong Li and Qingni Shen and Kang Chen and Yahui Yang and Zhonghai Wu},
title={Whispers in the Cloud - A Covert Channel using the Result of Creating a Virtual Machine},
booktitle={Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2016},
pages={380-387},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005739403800387},
isbn={978-989-758-167-0},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Whispers in the Cloud - A Covert Channel using the Result of Creating a Virtual Machine
SN - 978-989-758-167-0
AU - Li C.
AU - Shen Q.
AU - Chen K.
AU - Yang Y.
AU - Wu Z.
PY - 2016
SP - 380
EP - 387
DO - 10.5220/0005739403800387