z-logo
Premium
Survey on covert channels in virtual machines and cloud computing
Author(s) -
Betz Johann,
Westhoff Dirk,
Müller Günter
Publication year - 2017
Publication title -
transactions on emerging telecommunications technologies
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.366
H-Index - 47
ISSN - 2161-3915
DOI - 10.1002/ett.3134
Subject(s) - computer science , adversary , exploit , cloud computing , covert channel , computer security , covert , isolation (microbiology) , virtualization , server , channel (broadcasting) , virtual machine , cloud computing security , computer network , operating system , biology , security information and event management , linguistics , philosophy , microbiology and biotechnology
Covert channels have been known for a long time because of their versatile forms of appearance. For nearly every technical improvement or change in technology, such channels have been (re‐)created or known methods have been adapted. For example, the introduction of hyperthreading technology has introduced new possibilities for covert communication between malicious processes because they can now share the arithmetic logical unit as well as the L1 and L2 caches, which enable establishing multiple covert channels. Even virtualization, which is known for its isolation of multiple machines, is prone to covert‐ and side‐channel attacks because of the sharing of resources. Therefore, it is not surprising that cloud computing is not immune to this kind of attacks. Moreover, cloud computing with multiple, possibly competing users or customers using the same shared resources may elevate the risk of illegitimate communication. In such a setting, the “air gap” between physical servers and networks disappears, and only the means of isolation and virtual separation serve as a barrier between adversary and victim. In the work at hand, we will provide a survey on vulnerable spots that an adversary could exploit trying to exfiltrate private data from target virtual machines through covert channels in a cloud environment. We will evaluate the feasibility of example attacks and point out proposed mitigation solutions in case they exist.

This content is not available in your region!

Continue researching here.

Having issues? You can contact us here