Co-location resistant virtual machine placement in cloud data centers

Due to increasing number of avenues for conducting cross-virtual machine (VM) side-channel attacks, the security of public IaaS cloud data centers is a growing concern. These attacks allow an adversary to steal private information from a target user whose VM instance is co-located with that of the a...

Full description

Saved in:
Bibliographic Details
Main Authors: AGARWAL, Amit, TA, Nguyen Binh Duong
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2018
Subjects:
Online Access:https://ink.library.smu.edu.sg/sis_research/4831
https://ink.library.smu.edu.sg/context/sis_research/article/5834/viewcontent/Co_location_ICAPS_2018_av.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
Description
Summary:Due to increasing number of avenues for conducting cross-virtual machine (VM) side-channel attacks, the security of public IaaS cloud data centers is a growing concern. These attacks allow an adversary to steal private information from a target user whose VM instance is co-located with that of the adversary. To reduce the probability of malicious co-location, we propose a novel VM placement algorithm called “Previously Co-Located Users First”. We perform a theoretical and empirical analysis of our proposed algorithm to evaluate its resource efficiency and security. Our results, obtained using real-world cloud traces containing millions of VM requests and thousands of actual users, indicate that the proposed algorithm provides a significant increase in the cloud's co-location resistance with little compromise in resource utilization, compared to existing approaches.