Stealth migration: Hiding virtual machines on the network

S. Achleitner, T. La Porta, P. McDaniel, S. V. Krishnamurthy, A. Poylisher, C. Serban

Research output: Chapter in Book/Report/Conference proceeding; Conference contribution

1 Citation (Scopus)

Abstract

Live virtual machine (VM) migration is commonly used for enabling dynamic resource or fault management, or for load balancing in datacenters or cloud platforms. A service hosted by a VM may also be migrated to prevent its visibility to an external adversary who may seek to disrupt its operation by launching a DDoS attack against it. We first show that current systems cannot adequately hide a VM migration from an external adversary. The key reason for this is that a migration typically manifests a traffic pattern with distinguishable statistical properties. We introduce two new attacks that can allow an adversary to effectively track a migration in progress, by leveraging observations of these properties. As our primary contribution, we design and implement a stealth migration framework that causes migration traffic to be indistinguishable from regular Internet traffic, with a negligible latency overhead of approximately 0.37 seconds, on average.

Original language: English (US)
Title of host publication: INFOCOM 2017 - IEEE Conference on Computer Communications
Publisher: Institute of Electrical and Electronics Engineers Inc.
ISBN (Electronic): 9781509053360
DOI: https://doi.org/10.1109/INFOCOM.2017.8057195
State: Published - Oct 2 2017
Event: 2017 IEEE Conference on Computer Communications, INFOCOM 2017 - Atlanta, United States
Duration: May 1 2017 to May 4 2017

Publication series

Name: Proceedings - IEEE INFOCOM
ISSN (Print): 0743-166X

Other

Other: 2017 IEEE Conference on Computer Communications, INFOCOM 2017
Country: United States
City: Atlanta
Period: 5/1/17 to 5/4/17

Fingerprint

Launching
Visibility
Resource allocation
Internet
Virtual machine

All Science Journal Classification (ASJC) codes

  • Computer Science(all)
  • Electrical and Electronic Engineering

Cite this

Achleitner, S., Porta, T. L., McDaniel, P., Krishnamurthy, S. V., Poylisher, A., & Serban, C. (2017). Stealth migration: Hiding virtual machines on the network. In INFOCOM 2017 - IEEE Conference on Computer Communications [8057195] (Proceedings - IEEE INFOCOM). Institute of Electrical and Electronics Engineers Inc. https://doi.org/10.1109/INFOCOM.2017.8057195
@inproceedings{6da9e521b9a34a01b1ed58fad2887a93,
title = "Stealth migration: Hiding virtual machines on the network",
author = "S. Achleitner and Porta, {T. La} and P. McDaniel and Krishnamurthy, {S. V.} and A. Poylisher and C. Serban",
year = "2017",
month = "10",
day = "2",
doi = "10.1109/INFOCOM.2017.8057195",
language = "English (US)",
series = "Proceedings - IEEE INFOCOM",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
booktitle = "INFOCOM 2017 - IEEE Conference on Computer Communications",
address = "United States",

}
