DeepAI AI Chat
Log In Sign Up

Deterministically Deterring Timing Attacks in Deterland

04/27/2015
by   Weiyi Wu, et al.
0

The massive parallelism and resource sharing embodying today's cloud business model not only exacerbate the security challenge of timing channels, but also undermine the viability of defenses based on resource partitioning. We propose hypervisor-enforced timing mitigation to control timing channels in cloud environments. This approach closes "reference clocks" internal to the cloud by imposing a deterministic view of time on guest code, and uses timing mitigators to pace I/O and rate-limit potential information leakage to external observers. Our prototype hypervisor is the first system to mitigate timing-channel leakage across full-scale existing operating systems such as Linux and applications in arbitrary languages. Mitigation incurs a varying performance cost, depending on workload and tunable leakage-limiting parameters, but this cost may be justified for security-critical cloud applications and data.

READ FULL TEXT

page 10

page 11

page 12

03/27/2010

Determinating Timing Channels in Compute Clouds

Timing side-channels represent an insidious security challenge for cloud...
03/10/2017

Ozone: Efficient Execution with Zero Timing Leakage for Modern Microarchitectures

Time variation during program execution can leak sensitive information. ...
02/23/2022

IOTLB-SC: An Accelerator-Independent Leakage Source in Modern Cloud Systems

Recent research in micro-architectural attacks has uncovered a variety o...
03/14/2018

A Game-Theoretic Framework for the Virtual Machines Migration Timing Problem

In a multi-tenant cloud, a number of Virtual Machines (VMs) are collocat...
06/14/2022

Frequency Throttling Side-Channel Attack

Modern processors dynamically control their operating frequency to optim...
06/21/2019

Quantitative Mitigation of Timing Side Channels

Timing side channels pose a significant threat to the security and priva...