Security in Cloud Virtualization Layer (original) (raw)

Branch Prediction Analysis attack is one of the most significant Side-Channel Attack (SCA), which causes severe issues on a machine hosting multiple services by exploiting shared resources. The current state of the art cloud technology provides a level of isolation by hosting processes on different VMs (Virtual Machines). Still, the scope of exploitation does not get eliminated even in the virtualization environment. The severity of the BPA attack and its normal-looking attack detecting mechanism makes its study very interesting and challenging. With the main research focus on security issues in the virtual environment, handling of Cross-VM BPA attack is the core of the present research work. The applicability of four BPA attack launching methods has been assessed on different types of VM configurations. Simulation of two important types of BPA (Branch Prediction Analysis) attacks; DTA (Direct Timing Attack) and TDA (Trace-Driven Attack) was also done on the most common VM configuration. With an in-depth study of attack launching methods and their behavior analysis, a four-eyed model Chaturdrashta is proposed. Chaturdrashta is comprised of two solutions: Trilochan to detect Cross-VM Direct Timing Attack (DTA) and Trinetra to detect Cross-VM Trace-Driven Attack (TDA). Solutions can successfully detect the attack by the time when just a few bits are predicted. The processing overhead of the proposed approach is hardly 1%. Additionally, Trilochan and Trinetra in their original form were also found capable of detecting the presence of the BPA attack launched with the Asynchronous and Synchronous BTB Eviction methods. A testbed comprising of various types of genuine processes was simulated to check the efficiency of solutions. With high accuracy in attack detection, the solutions do not have any false positives. The proposed solutions neither depend on any cryptographic algorithm nor manipulate any architectural components. Chaturdrashta is a host-based solution, where one of the components is embedded in the kernel. The other three components are implemented as Linux services. Such an implementation requires a system reboot to bring their manipulations into effect. In turn, it reduces the scope of Chaturdrashta of getting exploited. 2 1. State of the Art Cloud technology has become a defacto standard for service provisioning due to its resource optimization capabilities. Its feature of providing virtual machines (VMs) to different users for different purposes is being used very commonly by cloud administrators. This multi-tenant environment of the cloud technology opens up a new dimension of the security threats due to its intrinsic characteristics. Most of the users and administrators consider virtual machines as independent machines. Configuring full proof isolated virtual machine is not possible in available tools and technology directly. Very few tools tried to provide this facility but at the cost of resource optimization and compromising useful features like load balancing and fault tolerance. Furthermore, it requires high-level expertise and in-depth knowledge to implement such configuration. The common out of the box, standard and adopted configuration model does provide isolation of memory, disk space, OS, Applications, etc. but shares CPU cores across virtual machines. Thus, hardware resources like Cache Memory, Memory Bus, Network Queue, and Branch Prediction Unit (BPU) are also shared among co-hosted VMs. The sharing of resources opens the scope of Side-Channel Attacks, which are very common in machines used to host multiple services. We have studied one of the SCA, called Branch Prediction Analysis attack for our research work on "Security in Cloud Virtualization Layer". The study revealed the necessity of working out solutions to address BPA attacks in the virtual environment.