Exploring Virtual Machine Covert Channel via I/O Performance Interference

被引:4
|
作者
Yang, Ziye [1 ]
Chen, Ping [1 ]
机构
[1] EMC Labs China, Beijing, Peoples R China
来源
2013 INTERNATIONAL CONFERENCE ON CLOUD COMPUTING AND BIG DATA (CLOUDCOM-ASIA) | 2013年
关键词
D O I
10.1109/CLOUDCOM-ASIA.2013.62
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
The weakness of performance isolation in system virtualization leaks a time window for various kinds of attacks which can be leveraged by malicious users to threaten the security of the virtual machines (VMs) atop or construct hidden information channel. In this paper, we propose vLeaker, a practical covert timing channel built on fine-grained VM I/O performance interference, by which VMs co-resident in storage aspect can exchange the information with relatively high transmission speed and low data error rate. We evaluate our vLeaker system on Xen and VMware hypervisor and show that the maximal transmission rate can arrive at 125 bps on our local testbed. Moreover, the effective transmission rate ranges from 72 to 124 bps with average error rate lower than 13% under different configurations.
引用
收藏
页码:232 / 239
页数:8
相关论文
共 50 条
  • [21] Optimize Performance of Virtual Machine Checkpointing via Memory Exclusion
    Liu, Haikun
    Jin, Hai
    Liao, Xiaofei
    FOURTH CHINAGRID ANNUAL CONFERENCE, PROCEEDINGS, 2009, : 199 - 204
  • [22] VMCD: A Virtual Multi-Channel Disk I/O Scheduling Method for Virtual Machines
    Tan, Huailiang
    Li, Chao
    He, Zaihong
    Li, Keqin
    Hwang, Kai
    IEEE TRANSACTIONS ON SERVICES COMPUTING, 2016, 9 (06) : 982 - 995
  • [23] Performance Management of Virtual Machines via Passive Measurement and Machine Learning
    Hayashi, Toshiaki
    Ohta, Satoru
    2012 9TH INTERNATIONAL CONFERENCE ON UBIQUITOUS INTELLIGENCE & COMPUTING AND 9TH INTERNATIONAL CONFERENCE ON AUTONOMIC & TRUSTED COMPUTING (UIC/ATC), 2012, : 533 - 538
  • [24] Alleviating I/O Interference via Caching and Rate-Controlled Prefetching without Degrading Migration Performance
    Stuart, Morgan
    Lu, Tao
    He, Xubin
    2014 9TH PARALLEL DATA STORAGE WORKSHOP (PDSW), 2014, : 19 - 24
  • [25] Virtual I/O Scheduler: A Scheduler of Schedulers for Performance Virtualization
    Seelam, Seetharami R.
    Teller, Patricia J.
    VEE'07: PROCEEDINGS OF THE THIRD INTERNATIONAL CONFERENCE ON VIRTUAL EXECUTION ENVIRONMENTS, 2007, : 105 - +
  • [26] A Cross-Virtual Machine Network Channel Attack via Mirroring and TAP Impersonation
    Saeed, Atif
    Garraghan, Peter
    Craggs, Barnaby
    van der Linden, Dirk
    Rashid, Awais
    Hussain, Syed Asad
    PROCEEDINGS 2018 IEEE 11TH INTERNATIONAL CONFERENCE ON CLOUD COMPUTING (CLOUD), 2018, : 606 - 613
  • [27] Exploring I/O Management Performance in ZNS with ConfZNS plus
    Doekemeijer, Krijn
    Maisenbacher, Dennis
    Ren, Zebin
    Tehrany, Nick
    Bjorling, Matias
    Trivedi, Animesh
    PROCEEDINGS OF THE 17TH ACM INTERNATIONAL SYSTEMS AND STORAGE CONFERENCE, SYSTOR 2024, 2024, : 162 - 177
  • [28] Measuring CPU overhead for I/O processing in the Xen Virtual Machine Monitor
    Cherkasova, L
    Gardner, R
    USENIX ASSOCIATION PROCEEDINGS OF THE GENERAL TRACK: 2005 UNENIX ANNUAL TECHNICAL CONFERENCE, 2005, : 387 - 390
  • [29] A Queuing based Network I/O Scheduling with QoS Guarantee for Virtual Machine
    Liu, Xiaodong
    Wen, Zhengying
    Wang, Miao
    INTERNATIONAL JOURNAL OF FUTURE GENERATION COMMUNICATION AND NETWORKING, 2015, 8 (06): : 123 - 134
  • [30] Virtual Machine Image Content Aware I/O Optimization for Mobile Virtualization
    Chen, Renhai
    Wang, Yi
    Hu, Jingtong
    Liu, Duo
    Shao, Zili
    Guan, Yong
    2015 IEEE 17TH INTERNATIONAL CONFERENCE ON HIGH PERFORMANCE COMPUTING AND COMMUNICATIONS, 2015 IEEE 7TH INTERNATIONAL SYMPOSIUM ON CYBERSPACE SAFETY AND SECURITY, AND 2015 IEEE 12TH INTERNATIONAL CONFERENCE ON EMBEDDED SOFTWARE AND SYSTEMS (ICESS), 2015, : 1031 - 1036
12345