A Secure Virtual Machine Allocation Strategy Against Co-Resident Attacks
Hefei Jia*,***, Xu Liu*,***, Xiaoqiang Di*,**,***, Hui Qi*,***, Binbin Cai**, Jinqing Li*,***, Huamin Yang*,***, and Jianping Zhao*,***
*School of Computer Science and Technology, Changchun University of Science and Technology
No.7186 Satellite Road, Changchun, Jilin 130022, China
**Information Center, Changchun University of Science and Technology
No.7089 Satellite Road, Changchun, Jilin 130022, China
***Jilin Province Key Laboratory of Network and Information Security
Changchun, Jilin 130022, China
Security has long been a concern in networked systems, and especially in cloud computing. To make better use of physical resources, cloud service providers usually place different tenants on the same physical machine, so that resources such as CPU, memory, and network devices are shared among multiple tenants on one host. The virtual machine (VM) co-resident attack, a serious threat in this sharing model, is carried out by malicious tenants who seek to steal private data. Most current solutions focus on eliminating known, specific side channels, but they have little effect on unknown side channels. Compared with eliminating side channels, a VM allocation strategy is an effective countermeasure against VM co-resident attacks because it reduces the probability of VM co-residency; research on this topic, however, is still in its infancy. In this study, we first propose a novel, efficient, and secure VM allocation strategy named Against VM Co-resident attack based on Multi-objective Optimization Best Fit Decreasing (AC-MOBFD), which simultaneously optimizes load balancing, energy consumption, and host resource utilization during VM placement. We then measure the security of the proposed allocation strategy using two metrics: VM attack efficiency and VM attack coverage. Extensive experiments on a simulated cloud platform (CloudSim) and a real cloud platform (OpenStack) demonstrate that, with our strategy, the attack efficiency of VM co-residency is reduced by 37.3% and the VM coverage rate by 24.4% compared to existing strategies. Finally, we compare the number of co-resident hosts with the number of hosts in a real cloud platform. Experimental results show that the deviation is below 9.4%, which validates the feasibility and effectiveness of the presented strategy.
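As an added illustration (not the paper's own AC-MOBFD implementation, whose details the abstract does not give), the toy placer below applies Best Fit Decreasing with an assumed multi-objective score (utilization, load balance, energy) and then scores the resulting layout with assumed definitions of VM attack efficiency and VM attack coverage; every class, function and score term here is this example's own assumption.

```python
# Added toy example, not the paper's AC-MOBFD: BFD placement with an assumed
# multi-objective score, plus assumed co-residency metric definitions.
from dataclasses import dataclass, field

@dataclass
class VM:
    cpu: float
    mem: float
    tenant: str

@dataclass
class Host:
    cpu: float
    mem: float
    vms: list = field(default_factory=list)
    def used(self):
        return sum(v.cpu for v in self.vms), sum(v.mem for v in self.vms)
    def fits(self, vm):
        c, m = self.used()
        return c + vm.cpu <= self.cpu and m + vm.mem <= self.mem

def score(host, vm, hosts):
    """Lower is better. Assumed terms: spare capacity after placement (utilization),
    deviation of CPU load from the cluster mean (load balance), idle-host power-on (energy)."""
    c, m = host.used()
    util = ((c + vm.cpu) / host.cpu + (m + vm.mem) / host.mem) / 2
    mean_cpu = sum(h.used()[0] / h.cpu for h in hosts) / len(hosts)
    balance = abs((c + vm.cpu) / host.cpu - mean_cpu)
    energy = 1.0 if not host.vms else 0.0
    return (1.0 - util) + balance + energy

def place_mobfd(vms, hosts):
    """Decreasing: largest demand first. Best fit: feasible host with the lowest score."""
    for vm in sorted(vms, key=lambda v: v.cpu + v.mem, reverse=True):
        feasible = [h for h in hosts if h.fits(vm)]
        if not feasible:
            raise RuntimeError("insufficient capacity for %r" % vm)
        min(feasible, key=lambda h: score(h, vm, hosts)).vms.append(vm)
    return hosts

def coresidency_metrics(hosts, attacker, target):
    """Assumed: efficiency = share of attacker VMs co-hosted with a target VM;
    coverage = share of target VMs co-hosted with an attacker VM (0.0 if none)."""
    att_hit = att_all = tgt_hit = tgt_all = 0
    for h in hosts:
        tenants = {v.tenant for v in h.vms}
        for v in h.vms:
            if v.tenant == attacker:
                att_all, att_hit = att_all + 1, att_hit + (target in tenants)
            elif v.tenant == target:
                tgt_all, tgt_hit = tgt_all + 1, tgt_hit + (attacker in tenants)
    return (att_hit / att_all if att_all else 0.0, tgt_hit / tgt_all if tgt_all else 0.0)
```

Running the placer on a cluster with ample spare capacity shows why consolidation alone is risky: the utilization term pulls an attacker VM onto the same host as the target, which is exactly the co-residency a security-aware strategy must trade off against.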