Cross-tenant side-channel attacks in PaaS clouds

Proceedings of the ACM Conference on Computer and Communications Security

Volumn , Issue , 2014, Pages 990-1003

  Zhang, Yinqian ^a   Juels, Ari ^b   Reiter, Michael K ^a   Ristenpart, Thomas ^c  

^a UNIVERSITY OF NORTH CAROLINA   (United States)

^b Cornell Tech ^*  (United States)

^c UNIVERSITY OF WISCONSIN MADISON   (United States)

Author keywords

Cache based side channels; Cloud security; Platform as a Service; Side channel attacks

Indexed keywords

PLATFORM AS A SERVICE (PAAS);

CLOUD SECURITIES; COLOCATIONS; ON STATE; SENSITIVE APPLICATION; SHOPPING CARTS; SIDE-CHANNEL; SINGLE SIGN ON;

SIDE CHANNEL ATTACK;

EID: 84910683194     PISSN: 15437221     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2660267.2660356     Document Type: Conference Paper

References (41)

1. F. E. Allen. Control flow analysis. SIGPLAN Not., 5(7):1-19, July 1970.
2. I. Alshanetsky. Top 10 ways to crash PHP. http://ilia.ws/archives/5-Top-10-ways-to-crash-PHP.html. Accessed: 2014-08-17.
3. B. Argyros and A. Kiayias. I forgot your password: Randomness attacks against PHP applications. In 21st USENIX Security Symposium, 2012.
4. A. Aviram, S. Hu, B. Ford, and R. Gummadi. Determinating timing channels in compute clouds. In 2010 ACM workshop on Cloud computing security workshop, pages 103-108, 2010.
5. R. Bardou, R. Focardi, Y. Kawamoto, L. Simionato, G. Steel, and J.-K. Tsay. Efficient padding oracle attacks on cryptographic hardware. In Advances in Cryptology - CRYPTO 2012, pages 608-625. 2012.
6. D. Bleichenbacher. Chosen ciphertext attacks against protocols based on the RSA encryption standard PKCS#1. In Advances in Cryptology - CRYPTO '98, pages 1-12, 1998.
7. W. J. Bolosky and M. L. Scott. False sharing and its effect on shared memory performance. In 4th USENIX Symposium on Experiences with Distributed and Multiprocessor Systems, 1993.
8. A. Bortz and D. Boneh. Exposing private information by timing web applications. In 16th International Conference on World Wide Web, pages 621-628, 2007.
9. B. Coppens, I. Verbauwhede, K. De Bosschere, and B. De Sutter. Practical mitigations for timing-based side-channel attacks on modern x86 processors. In IEEE Symposium on Security and Privacy, pages 45-60, 2009.
10. J. P. Crespo. Personal communication, June 2014.
11. G. Doychev, D. Feld, B. Köpf, and L. Mauborgne. CacheAudit: A tool for the static analysis of cache side channels. In USENIX Security Symposium, 2013.
12. S. Esser. Lesser known security problems in PHP applications. In Zend Conference, 2008.
13. E. W. Felten and M. A. Schneider. Timing attacks on web privacy. In 7th ACM Conference on Computer and Communications Security, pages 25-32, 2000.
14. D. Gullasch, E. Bangerter, and S. Krenn. Cache games - bringing access-based cache attacks on AES to practice. In 2011 IEEE Symposium on Security & Privacy, pages 490-505, 2011.
15. G. Irazoqui, M. S. Inci, T. Eisenbarth, and B. Sunar. Wait a minute! A fast, cross-VM attack on AES. Cryptology ePrint Archive, 2014.
16. T. Jager, S. Schinzel, and J. Somorovsky. Bleichenbacher's attack strikes again: breaking PKCS#1 v1.5 in XML encryption. In Computer Security - ESORICS 2012, pages 752-769. 2012.
17. S. Kamkar. phpwn: Attacking sessions and pseudo-random numbers in PHP. In Blackhat USA, 2010.
18. T. Kim, M. Peinado, and G. Mainar-Ruiz. STEALTHMEM: system-level protection against cache-based side channel attacks in the cloud. In 21st USENIX Security Symposium, 2012.
19. P. Li, D. Gao, and M. K. Reiter. Mitigating access-driven timing channels in clouds using StopWatch. In 43rd IEEE/IFIP International Conference on Dependable Systems and Networks, pages 1-12, June 2013.
20. R. P. Mahowald, C. W. Olofson, M.-C. Ballou, M. Fleming, and A. Hilwa. Worldwide competitive public Platform as a Service 2013-2017 forecast (Doc 243315). IDC Inc., November 2013.
21. D. Molnar, M. Piotrowski, D. Schultz, and D. Wagner. The program counter security model: Automatic detection and removal of control-flow side channel attacks. In Information Security and Cryptology, pages 156-168, 2005.
22. Y. Nagami, D. Miyamoto, H. Hazeyama, and Y. Kadobayashi. An independent evaluation of web timing attack and its countermeasure. In 3rd International Conference on Availability, Reliability and Security, pages 1319-1324, 2008.
23. Y. V. Natis. Gartner research highlights Platform as a Service (ID: G00259659). Gartner Inc., 3 February 2014.
24. N. Nethercote and J. Seward. Valgrind: A framework for heavyweight dynamic binary instrumentation. SIGPLAN Not., 42(6):89-100, June 2007.
25. M. Neve and J.-P. Seifert. Advances on access-driven cache attacks on AES. In Selected Areas in Cryptography, 13th International Workshop, SAC 2006, pages 147-162, August 2006.
26. OASIS. Bindings for the OASIS Security Assertion Markup Language (SAML) V2.0. http://docs.oasis-open.org/security/saml/v2.0/saml-bindings-2.0-os.pdf.
27. OASIS. Profiles for the OASIS Security Assertion Markup Language (SAML) V2.0. http://docs.oasis-open.org/security/saml/v2.0/saml-profiles-2.0-os.pdf.
28. D. A. Osvik, A. Shamir, and E. Tromer. Cache attacks and countermeasures: the case of AES. In Topics in Cryptology - CT-RSA 2006, pages 1-20. Springer-Verlag, 2005.
29. R. Owens and W. Wang. Non-interactive OS fingerprinting through memory de-duplication technique in virtual machines. In 30th IEEE International Conference on Performance, Computing and Communications, pages 1-8, November 2011.
30. C. Percival. Cache missing for fun and profit. In BSDCon 2005, 2005.
31. H. Raj, R. Nathuji, A. Singh, and P. England. Resource management for isolation enhanced cloud services. In 2009 ACM workshop on Cloud computing security, pages 77-84, 2009.
32. T. Ristenpart, E. Tromer, H. Shacham, and S. Savage. Hey, you, get off of my cloud: Exploring information leakage in third-party compute clouds. In 16th ACM Conference on Computer and Communications Security, pages 199-212, 2009.
33. K. Suzaki, K. Iijima, T. Yagi, and C. Artho. Memory deduplication as a threat to the guest OS. In 4th European Workshop on System Security, April 2011.
34. E. Tromer, D. A. Osvik, and A. Shamir. Efficient cache attacks on AES, and countermeasures. Journal of Cryptology, 23(1):37-71, 2010.
35. V. Varadarajan, T. Ristenpart, and M. Swift. Scheduler-based defenses against cross-VM side-channels. In 23st USENIX Security Symposium, 2014.
36. B. C. Vattikonda, S. Das, and H. Shacham. Eliminating fine grained timers in Xen. In 3rd ACM workshop on Cloud computing security workshop, pages 41-46, 2011.
37. W3Techs. Usage of content management systems for websites. http://w3techs.com/technologies/overview/content-management/all.
38. Y. Yarom and K. Falkner. Flush+Reload: a high resolution, low noise, L3 cache side-channel attack. http://eprint.iacr.org/2013/448, 2013.
39. Y. Zhang, A. Juels, A. Oprea, and M.K. Reiter. HomeAlone: Co-residency detection in the cloud via side-channel analysis. In IEEE Symposium on Security and Privacy, pages 313-328, 2011.
40. Y. Zhang, A. Juels, M. K. Reiter, and T. Ristenpart. Cross-VM side channels and their use to extract private keys. In 2012 ACM Conference on Computer and Communications Security, pages 305-316, 2012.
41. Y. Zhang and M. K. Reiter. Düppel: retrofitting commodity operating systems to mitigate cache side channels in the cloud. In 2013 ACM Conference on Computer and Communications Security, pages 827-838, 2013.