Article, DOI: 10.1007/978-3-319-02726-5_10

A Covert Channel Using Event Channel State on Xen Hypervisor

Published: 20 November 2013

Abstract

Covert channels between virtual machines are a serious threat to cloud computing because they break the isolation between guest OSs. Although much work has been done to resist covert channels, new ones still emerge in various forms. In this paper, we introduce the event channel mechanism in detail. We then develop a covert channel called CCECS (Covert Channel using Event Channel State) and implement it on the Xen hypervisor. Finally, we quantitatively evaluate CCECS and discuss possible mitigation methods. Results show that it can achieve a higher bit rate than most existing covert channels.


Cited By

  • (2018) PCA: Page Correlation Aggregation for Memory Deduplication in Virtualized Environments. Information and Communications Security, pp. 566-583. DOI: 10.1007/978-3-030-01950-1_33. Online publication date: 29-Oct-2018

Published In

Information and Communications Security: 15th International Conference, ICICS 2013, Beijing, China, November 20-22, 2013. Proceedings
Nov 2013
425 pages
ISBN: 978-3-319-02725-8
DOI: 10.1007/978-3-319-02726-5
Editors: Sihan Qing, Jianying Zhou, Dongmei Liu

Publisher

Springer-Verlag

Berlin, Heidelberg

Author Tags

  1. Covert Channel
  2. Virtualization
  3. Event Channel
