Scheduler vulnerabilities and coordinated attacks in cloud computing

Proceedings - 2011 IEEE International Symposium on Network Computing and Applications, NCA 2011

Volumn , Issue , 2011, Pages 123-130

  Zhou, Fangfei ^a   Goel, Manish ^a   Desnoyers, Peter ^a   Sundaram, Ravi ^a  

^a Northeastern University   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

ABSTRACT MAPPING; AMAZON EC2; ATTACK SCENARIOS; BUSINESS MODELS; CLOUD PROVIDERS; COLOCATIONS; COMPUTING SERVICES; COORDINATED ATTACK; CPU TIME; FAIR SHARE; LIMITED DATA; NETWORK TOPOLOGY; PROBABILISTIC METHODS; UPPER AND LOWER BOUNDS; VIRTUAL MACHINES; VIRTUALIZATIONS;

ALGORITHMS; COMPUTER SIMULATION; COMPUTER SYSTEMS; ELECTRIC NETWORK TOPOLOGY; MAPPING;

CLOUD COMPUTING;

EID: 80054989565     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/NCA.2011.24     Document Type: Conference Paper

References (32)

1. T. Ristenpart, E. Tromer, H. Shacham, and S. Savage, "Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds," in ACM CCS, 2009.
2. N. Alon and J. Spencer, The Probabilistic Method. John Wiley and Sons, Inc, 2008.
3. P. Barham, B. Dragovic, K. Fraser, S. Hand, T. Harris, A. Ho, R. Neugebauer, I. Pratt, and A. Warfield, "Xen and the art of virtualization," in ACM SOSP, 2003.
4. S. McCanne and C. Torek, "A randomized sampling clock for cpu utilization estimation and code profiling," in USENIX, 1993.
5. D. Tsafrir, Y. Etsion, and D. G. Feitelson, "Secretly monopolizing the CPU without superuser privileges," in 16th USENIX Security Symposium, 2007.
6. D. Chisnall, The Definitive Guide to the Xen Hypervisor. Prentice Hall PTR, 2007.
7. "Amazon Web Services: Overview of Security Processes," 2008, http://developer.amazonwebservices.com.
8. C. Boulton, "Novell, Microsoft Outline Virtual Collaboration," Serverwatch, 2007.
9. L. Cherkasova, D. Gupta, and A. Vahdat, "Comparison of the three CPU schedulers in Xen," SIGMETERICS Performance Evaluation Review, 2007.
10. R. P. Weicker, "Dhrystone Benchmark: Rationale for Version 2 and Measurement Rules," SIGPLAN Notices, 1988.
11. S. Siddha, V. Pallipadi, and A. V. D. Ven, "Getting maximum mileage out of tickless," in Linux Symposium, 2007.
12. H. Kim, H. Lim, J. Jeong, H. Jo, and J. Lee, "Task-aware virtual machine scheduling for I/O performance," in ACM VEE), 2009.
13. T. Mytkowicz, A. Diwan, M. Hauswirth, and P. F. Sweeney, "Producing wrong data without doing anything obviously wrong!" in ASPLOS 2009, 2009.
14. D. Talbot, "Vulnerability seen in amazon's cloud computing," MIT Tech Review, October 2009.
15. F. Zhou, M. Goel, P. Desnoyers, and R. Sundaram, "Scheduler vulnerabilities and coordinated attacks in cloud computing," in Northeastern Technical Report, 2010.
16. L. Cherkasova, D. Gupta, and A. Vahdat, "When virtual is harder than real: Resource allocation challenges in virtual machine based IT environments," 2007.
17. D. Gupta, L. Cherkasova, R. Gardner, and A. Vahdat, "Enforcing performance isolation across virtual machines in Xen," in ACM/IFIP/USENIX Middleware, 2006.
18. S. Govindan, A. Nath, A. Das, B. Urgaonkar, and A. Sivasubramaniam, "Xen and co.: communication-aware cpu scheduling for consolidated xen-based hosting platforms," in ACM VEE, 2007.
19. D. Ongaro, A. L. Cox, and S. Rixner, "Scheduling I/O in a virtual machine monitor," in ACM VEE, 2008.
20. C. Weng, Z. Wang, M. Li, and X. Lu, "The hybrid scheduling framework for virtual machine systems," in ACM VEE, 2009.
21. L. Cherkasova and R. Gardner, "Measuring CPU overhead for I/O processing in the Xen virtual machine monitor," in USENIX, 2005.
22. J. Liu, W. Huang, B. Abali, and D. K. Panda, "High performance VMM-bypass I/O in virtual machines," in USENIX, 2006.
23. P. Willmann, J. Shafer, D. Carr, A. Menon, S. Rixner, A. L. Cox, and W. Zwaenepoel, "Concurrent direct network access for virtual machine monitors," in 13th Int'l Symp. HPDC, 2007.
24. A. Menon, J. R. Santos, Y. Turner, G. J. Janakiraman, and W. Zwaenepoel, "Diagnosing performance overheads in the Xen virtual machine environment," in ACM VEE, 2005.
25. H. Raj and K. Schwan, "High performance and scalable I/O virtualization via self-virtualized devices," in 16th Int'l Symp. HPDC, 2007.
26. S. Rueda, Y. Sreenivasan, and T. Jaeger, "Flexible security configuration for virtual machines," in ACM workshop on Computer security archite-cures, 2008.
27. D. G. Murray, G. Milos, and S. Hand, "Improving Xen security through disaggregation," in ACM VEE, 2008.
28. B. Jansen, H. V. Ramasamy, and M. Schunter, "Policy enforcement and compliance proofs for Xen virtual machines," in ACM VEE, 2008.
29. J. Komlós and A. G. Greenberg, "An asymptotically fast nonadaptive algorithm for conflict resolution in multiple-access channels," IEEE Transactions on Information Theory, vol. 31, no. 2, pp. 302-306, 1985.
30. A. G. Greenberg and S. Winograd, "A lower bound on the time needed in the worst case to resolve conflicts deterministically in multiple access channels," J. ACM, vol. 32, no. 3, pp. 589-596, 1985. (Pubitemid 15507403)
31. A. G. Greenberg, P. Flajolet, and R. E. Ladner, "Estimating the multiplicities of conflicts to speed their resolution in multiple access channels," J. ACM, vol. 34, no. 2, pp. 289-325, 1987. (Pubitemid 17602849)
32. O. Kerr, "Cybercrime's "access" and " authorization" in computer misuse statutes," NYU Law Review, 2003.