Identification and evaluation of sharing memory covert timing channel in Xen virtual machines

Proceedings - 2011 IEEE 4th International Conference on Cloud Computing, CLOUD 2011

Volumn , Issue , 2011, Pages 283-291

  Wu, Jing Zheng ^a,b   Ding, Liping ^a   Wang, Yongji ^a   Han, Wei ^a,b  

^a INSTITUTE OF SOFTWARE   (China)

^b UNIVERSITY OF CHINESE ACADEMY OF SCIENCES   (China)

Author keywords

Channel identification; Channel performance evaluation; Channel scenario construction; Cloud computing; Covert timing channel; Xen

Indexed keywords

CHANNEL IDENTIFICATION; COVERT CHANNELS; COVERT TIMING CHANNELS; EQUIVALENT CODES; IDENTIFICATION AND EVALUATION; IDENTIFICATION METHOD; INFORMATION FLOWS; OPERATIONAL PROCESS; PERFORMANCE EVALUATION; SEARCH ALGORITHMS; SHARED RESOURCES; SHARING MEMORIES; SOURCE CODES; TRANSMISSION CHANNELS; VIRTUAL MACHINES; VIRTUALIZATIONS; XEN;

VIRTUAL REALITY;

CLOUD COMPUTING;

EID: 80052666134     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CLOUD.2011.10     Document Type: Conference Paper

References (42)

1. P. Barham, B. Dragovic, K. Fraser, S. Hand, T. L. Harris, A. Ho, R. Neugebauer, I. Pratt, and A. Warfield, "Xen and the art of virtualization," in SOSP, 2003, pp. 164-177. (Pubitemid 40929695)
2. K. Nance, M. Bishop, and B. Hay, "Virtual machine introspection: Observation or interference?" IEEE Security and Privacy, vol. 6, no. 5, pp. 32-37, 2008.
3. "Amazon elastic compute cloud (ec2)," http://aws.amazon.com/ ec2/.
4. Z. Wang and X. Jiang, "Hypersafe: A lightweight approach to provide lifetime hypervisor control-flow integrity," in IEEE Symposium on Security and Privacy. IEEE Computer Society, 2010, pp. 380-395.
5. B. D. Payne, R. Sailer, R. Cáceres, R. Perez, and W. Lee, "A layered approach to simplified access control in virtualized systems," Operating Systems Review, vol. 41, no. 4, pp. 12-19, 2007.
6. R. Sailer, T. Jaeger, E. Valdez, R. Cáceres, R. Perez, S. Berger, J. L. Griffin, and L. van Doorn, "Building a mac-based security architecture for the xen open-source hypervisor," in ACSAC. IEEE Computer Society, 2005, pp. 276-285. (Pubitemid 46116484)
7. T. Ristenpart, E. Tromer, H. Shacham, and S. Savage, "Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds," in CCS '09: Proceedings of the 16th ACM conference on Computer and communications security. New York, NY, USA: ACM, 2009, pp. 199-212.
8. K. Okamura and Y. Oyama, "Load-based covert channels between xen virtual machines," in SAC, 2010, pp. 173-180.
9. Y. Chen, V. Paxson, and R. H. Katz, "Whats new about cloud computing security?" EECS Department, University of California, Berkeley, Tech. Rep. UCB/EECS-2010-5, Jan 2010, http://www.eecs.berkeley.edu/Pubs/TechRpts/2010/ EECS-2010-5.html.
10. A. Aviram, S. Hu, B. Ford, and R. Gummadi, "Determinating timing channels in compute clouds," in CCSW '10: Proceedings of the 2010 ACM workshop on Cloud computing security workshop. New York, NY, USA: ACM, 2010, pp. 103-108.
11. D. X. Song, D. Wagner, and X. Tian, "Timing analysis of keystrokes and timing attacks on ssh," in SSYM'01: Proceedings of the 10th conference on USENIX Security Symposium. Berkeley, CA, USA: USENIX Association, 2001, pp. 25-25.
12. NCSC, "Trusted computer system evaluation criteria (orange book)," 1985.
13. B. W. Lampson, "A note on the confinement problem," Commun. ACM, vol. 16, no. 10, pp. 613-615, 1973.
14. J. K. Millen, "20 years of covert channel modeling and analysis," in IEEE Symposium on Security and Privacy, 1999, pp. 113-114.
15. S. Zander, G. J. Armitage, and P. Branch, "A survey of covert channels and countermeasures in computer network protocols," IEEE Communications Surveys and Tutorials, vol. 9, no. 1-4, pp. 44-57, 2007.
16. J. Wu, Y. Wang, L. Ding, and X. Liao, "Improving performance of network covert timing channel through huffman coding," in The 2010 FTRA International Symposium on Advances in Cryptography, Security and Applications for Future Computing (ACSA 2010), Gwangju, Korea, December 2010.
17. ISO/IEC, "Common criteria for information technology security evaluation," 2005.
18. Y. Wang, J. Wu, L. Ding, and X. Liao, "Covert channel research," Journal of Software, vol. 21, no. 9, pp. 2262-2288, 2010.
19. J. Wu, Y. Wang, L. Ding, and Y. Zhang, "Constructing scenario of event-flag covert channel in secure operating system," in 2nd International Conference on Information and Multimedia Technology (ICIMT 2010), Hongkong, December 2010, pp. 371 - 375.
20. R. A. Kemmerer, "Shared resource matrix methodology: An approach to identifying storage and timing channels," ACM Trans. Comput. Syst., vol. 1, no. 3, pp. 256-277, 1983.
21. S. Cabuk, C. E. Brodley, and C. Shields, "IP covert channel detection," ACM Trans. Inf. Syst. Secur., vol. 12, no. 4, pp. 1-29, 2009.
22. V. Berk, A. Giani, G. Cybenko, and N. Hanover, "Detection of covert channel encoding in network packet delays," Rapport technique TR536, del Université de Dartmouth. Novembre, 2005.
23. B. D. Payne, M. Carbone, M. I. Sharif, and W. Lee, "Lares: An architecture for secure active monitoring using virtualization," in IEEE Symposium on Security and Privacy, 2008, pp. 233-247.
24. A. M. Azab, P. Ning, Z. Wang, X. Jiang, X. Zhang, and N. C. Skalsky, "Hypersentry: enabling stealthy in-context measurement of hypervisor integrity," in ACM Conference on Computer and Communications Security, 2010, pp. 38-49.
25. R. Lanotte, A. Maggiolo-Schettini, and A. Troina, "Time and probability-based information flow analysis," Software Engineering, IEEE Transactions on, vol. 36, no. 5, pp. 719-734, 2010.
26. J. Giles and B. Hajek, "An information-theoretic and game-theoretic study of timing channels," IEEE Transactions on Information Theory, vol. 48, no. 9, pp. 2455-2477, 2002. (Pubitemid 35032673)
27. N. Nagatou and T. Watanabe, "Run-time detection of covert channels," in ARES, 2006, pp. 577-584. (Pubitemid 44732694)
28. D. E. Denning, "A lattice model of secure information flow," Commun. ACM, vol. 19, no. 5, pp. 236-243, 1976.
29. NCSC, "A guide to understanding covert channel analysis of trusted systems," 1993.
30. C.-R. Tsai, V. D. Gligor, and C. S. Chandersekaran, "On the identification of covert storage channels in secure systems," IEEE Trans. Software Eng., vol. 16, no. 6, pp. 569-580, 1990. (Pubitemid 20737559)
31. R. A. Kemmerer and P. A. Porras, "Covert flow trees: A visual approach to analyzing covert storage channels," IEEE Trans. Software Eng., vol. 17, no. 11, pp. 1166-1185, 1991.
32. J. A. Goguen and J. Meseguer, "Security policies and security models," in IEEE Symposium on Security and Privacy, 1982, pp. 11-20.
33. C. Lattner and V. S. Adve, "LLVM: A compilation framework for lifelong program analysis & transformation," in CGO, 2004, pp. 75-88.
34. J. Son and J. Alves-Foss, "A formal framework for real-time information flow analysis," Comput. Secur., vol. 28, no. 6, pp. 421-432, 2009.
35. H. Zeng, Y. Wang, L. Ruan, W. Zu, and J. Cai, "Covert channel mitigation method. for secure real-time database using capacity metric," Journal on Communications, vol. 29, no. 8, pp. 46-56, 2008.
36. Q. N. Ahmed and S. V. Vrbsky, "Maintaining security and timeliness in real-time database system," Journal of Systems and Software, vol. 61, no. 1, pp. 15 - 29, 2002. (Pubitemid 34223165)
37. H. Zeng, Y. Wang, W. Zu, J. Cai, and L. Ruan, "New definition of small message criterion and its application in transaction covert channel mitigating," Journal of Software, vol. 20, no. 4, pp. 985-996, 2009.
38. I. Moskowitz and M. Kang, "Covert channels-here to stay?" in Computer Assurance, 1994. COMPASS '94 Safety, Reliability, Fault Tolerance, Concurrency and Real Time, Security. Proceedings of the Ninth Annual Conference on, Jun-1 Jul 1994, pp. 235-243.
39. S. Cabuk, C. E. Brodley, and C. Shields, "Ip covert timing channels: design and detection," in ACM Conference on Computer and Communications Security, 2004, pp. 178-187. (Pubitemid 40338199)
40. E. S. Ristad and P. N. Yianilos, "Learning string-edit distance," IEEE Trans. Pattern Anal. Mach. Intell., vol. 20, no. 5, pp. 522-532, 1998. (Pubitemid 128741331)
41. L. Yao, X. Zi, L. Pan, and J. Li, "A study of on/off timing channel based on packet delay distribution," Computers & Security, vol. 28, no. 8, pp. 785 - 794, 2009.
42. S. H. Sellke, C.-C. Wang, S. Bagchi, and N. B. Shroff, "TCP/IP timing channels: Theory to implementation," in INFOCOM, 2009, pp. 2204-2212.