On the Detection of Adaptive Side-Channel Attackers in Cloud Environments

Hisham Alhulayyil, Karim Khalil, Srikanth V. Krishnamurthy, Derya Cansever, Thomas La Porta, Ananthram Swami

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Malicious coresidency is a precursor to side-channel attacks that target information leakage. In this paper, we seek to understand the interactions between a defender (the cloud service provider) who tries to detect malicious coresidency by an attacker, who in turn attempts to co-reside its VM with a victim VM on the same physical machine by exploiting the VM allocation policy employed by the cloud service provider while at the same time, trying to evade detection. The problem is modeled as a two-player game. Specifically, the attacker chooses how long to keep its VM operational before terminating and relaunching it to increase its odds of success. On the other hand, the defender attempts to detect and penalize malicious VMs based on their activity in a given time window. The defender estimates a maliciousness measure for all active VMs which then modulates the likelihood of a specific VM being migrated to a different physical machine. We study the equilibrium strategies for both players for different ranges of environment parameters and show the non-existence of equilibrium with pure strategies. Subsequently, we characterize the equilibrium of the game with mixed strategies.

Original languageEnglish (US)
Title of host publication2018 IEEE Global Communications Conference, GLOBECOM 2018 - Proceedings
PublisherInstitute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)9781538647271
DOIs
StatePublished - Jan 1 2018
Event2018 IEEE Global Communications Conference, GLOBECOM 2018 - Abu Dhabi, United Arab Emirates
Duration: Dec 9 2018Dec 13 2018

Publication series

Name2018 IEEE Global Communications Conference, GLOBECOM 2018 - Proceedings

Conference

Conference2018 IEEE Global Communications Conference, GLOBECOM 2018
CountryUnited Arab Emirates
CityAbu Dhabi
Period12/9/1812/13/18

All Science Journal Classification (ASJC) codes

  • Information Systems and Management
  • Renewable Energy, Sustainability and the Environment
  • Safety, Risk, Reliability and Quality
  • Signal Processing
  • Modeling and Simulation
  • Instrumentation
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'On the Detection of Adaptive Side-Channel Attackers in Cloud Environments'. Together they form a unique fingerprint.

Cite this