One Covert Channel to Rule Them All: A Practical Approach to Data Exfiltration in the Cloud
B. Semal, K. Markantonakis, K. Mayes, Jan Kalbantner
2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)
Publication date: 2020-12-01
DOI: https://doi.org/10.1109/TrustCom50675.2020.00053
Citations: 4
Abstract
The sharing of hardware platforms in multi-tenant environments is a growing security concern. Microarchitectural timing-based covert channels allow tunneling information out of a compromised cloud instance, thus bypassing information flow policies. Significant research efforts have been carried out in order to address the super-set of timing channels. Nevertheless, new attacks keep on being published while disregarding the latest academic efforts, arguing that the relevant defences have not yet been deployed. In order to bridge the gap between vulnerabilities and countermeasures, we challenge state-of-the-art mitigation techniques by constructing the first cross-VM covert channel that is resilient against all known defences, whether they are already deployed or still theoretical. Defence strategies that are relevant to covert channels are surveyed, and a list of requirements is constructed for the new attack. Then, we re-visit the exploitation of the x86 memory bus lock, and launch the proposed covert communication channel across two AWS EC2 instances. While simple in design, the proposed implementation shows that x86 microarchitectures still present salient vulnerabilities, and that state-of-the-art defence strategies, even theoretical ones, remain unsuccessful at hindering data leakage in multi-tenant environments. Finally, a strategy to mitigate the remaining vulnerability is suggested, along with a comparison against the ARMv8 processor architecture.