TY - JOUR
T1 - Breaking VM isolation
T2 - An in-depth look into the cross flush reload cache timing attack
AU - Philippe-Jankovic, Danny
AU - Zia, Tanveer
N1 - Includes bibliographical references.
PY - 2017
Y1 - 2017
N2 - Cloud computing has led to a lot of improvements in the way we manage our IT infrastructure, but this convenience has led to new security challenges. In this paper, we recreate a cross Virtual Machine Flush+Reload cache timing attack and document our attack methodology in depth. Cache timing attacks are highly technical, and executing them in a virtualized environment makes them more complex. We have not come across any literature that documents these attacks adequately, and so this paper aims to deliver detailed insight into the entire lifecycle of these types of attacks. Our attack methodology dissects the life cycle of a side channel attack in a virtualized environment from beginning to end. We present an in-depth analysis of the environment, the attack setup, the attack execution, and how these attacks can be used to gather and analyse results. This research will shed some valuable insight into what is a very technical and complex topic. By documenting our attack environment and methodology we hope to help new researchers in this field gain a foothold in a research topic that has recently gained popularity and may be difficult to enter. Finally, we examine how meaningful results are collected and analysed by the attacker. We believe this insight will also be valuable for cloud administrators and developers, and that they may use their understanding of the attack lifecycle and result analysis tools to mitigate and disrupt attack attempts.
AB - Cloud computing has led to a lot of improvements in the way we manage our IT infrastructure, but this convenience has led to new security challenges. In this paper, we recreate a cross Virtual Machine Flush+Reload cache timing attack and document our attack methodology in depth. Cache timing attacks are highly technical, and executing them in a virtualized environment makes them more complex. We have not come across any literature that documents these attacks adequately, and so this paper aims to deliver detailed insight into the entire lifecycle of these types of attacks. Our attack methodology dissects the life cycle of a side channel attack in a virtualized environment from beginning to end. We present an in-depth analysis of the environment, the attack setup, the attack execution, and how these attacks can be used to gather and analyse results. This research will shed some valuable insight into what is a very technical and complex topic. By documenting our attack environment and methodology we hope to help new researchers in this field gain a foothold in a research topic that has recently gained popularity and may be difficult to enter. Finally, we examine how meaningful results are collected and analysed by the attacker. We believe this insight will also be valuable for cloud administrators and developers, and that they may use their understanding of the attack lifecycle and result analysis tools to mitigate and disrupt attack attempts.
KW - Hypervisor
KW - Virtualization isolation
KW - Flush+reload
KW - Cache timing attack
KW - Cross VM
M3 - Article
SN - 1738-7906
VL - 17
SP - 181
EP - 193
JO - International Journal of Computer Science and Network Security
JF - International Journal of Computer Science and Network Security
IS - 2
ER -