Mitigating Access-Driven Timing Channels in Clouds using StopWatch
This paper presents StopWatch , a system that defends against timing-based side-channel attacks that arise from coresidency of victims and attackers in infrastructure-as-a-service clouds. StopWatchtriplicates each cloud-resident guest virtual machine (VM) and places replicas so that the three replic...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2013
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/2038 https://ink.library.smu.edu.sg/context/sis_research/article/3037/viewcontent/dsn13.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-3037 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-30372018-12-05T05:50:23Z Mitigating Access-Driven Timing Channels in Clouds using StopWatch LI, Peng GAO, Debin Reiter, Michael K. This paper presents StopWatch , a system that defends against timing-based side-channel attacks that arise from coresidency of victims and attackers in infrastructure-as-a-service clouds. StopWatchtriplicates each cloud-resident guest virtual machine (VM) and places replicas so that the three replicas of a guest VM are coresident with nonoverlapping sets of (replicas of) other VMs. StopWatch uses thetiming of I/O events at a VM's replicas collectively to determine the timings observed by each one or by an external observer, so that observable timing behaviors are similarly likely in the absence of any other individual, coresident VM. We detail the design and implementation of StopWatch in Xen, evaluate the factors that influence its performance, and address the problem of placing VM replicas in a cloudunder the constraints of StopWatch so as to still enable adequate cloud utilization. 2013-06-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/2038 info:doi/10.1109/DSN.2013.6575299 https://ink.library.smu.edu.sg/context/sis_research/article/3037/viewcontent/dsn13.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Information Security |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Information Security |
| spellingShingle |
Information Security LI, Peng GAO, Debin Reiter, Michael K. Mitigating Access-Driven Timing Channels in Clouds using StopWatch |
| description |
This paper presents StopWatch , a system that defends against timing-based side-channel attacks that arise from coresidency of victims and attackers in infrastructure-as-a-service clouds. StopWatchtriplicates each cloud-resident guest virtual machine (VM) and places replicas so that the three replicas of a guest VM are coresident with nonoverlapping sets of (replicas of) other VMs. StopWatch uses thetiming of I/O events at a VM's replicas collectively to determine the timings observed by each one or by an external observer, so that observable timing behaviors are similarly likely in the absence of any other individual, coresident VM. We detail the design and implementation of StopWatch in Xen, evaluate the factors that influence its performance, and address the problem of placing VM replicas in a cloudunder the constraints of StopWatch so as to still enable adequate cloud utilization. |
| format |
text |
| author |
LI, Peng GAO, Debin Reiter, Michael K. |
| author_facet |
LI, Peng GAO, Debin Reiter, Michael K. |
| author_sort |
LI, Peng |
| title |
Mitigating Access-Driven Timing Channels in Clouds using StopWatch |
| title_short |
Mitigating Access-Driven Timing Channels in Clouds using StopWatch |
| title_full |
Mitigating Access-Driven Timing Channels in Clouds using StopWatch |
| title_fullStr |
Mitigating Access-Driven Timing Channels in Clouds using StopWatch |
| title_full_unstemmed |
Mitigating Access-Driven Timing Channels in Clouds using StopWatch |
| title_sort |
mitigating access-driven timing channels in clouds using stopwatch |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2013 |
| url |
https://ink.library.smu.edu.sg/sis_research/2038 https://ink.library.smu.edu.sg/context/sis_research/article/3037/viewcontent/dsn13.pdf |
| _version_ |
1770571778341470208 |