Detecting Compute Cloud Co-residency with Network Flow Watermarking Techniques

Simple item page
dc.contributor.advisorButler, Kevinen_US
dc.contributor.authorBates, Adamen_US
dc.creatorBates, Adamen_US
dc.date.accessioned2012-12-07T23:10:35Z
dc.date.available2012-12-07T23:10:35Z
dc.date.issued2012
dc.description.abstractThis paper presents co-resident watermarking, a traffic analysis attack for cloud environments that allows a malicious co-resident virtual machine to inject a watermark signature into the network flow of a target instance. This watermark can be used to exfiltrate co-residency data, compromising isolation assurances. While previous work depends on virtual hypervisor resource management, our approach is difficult to defend without costly underutilization of the physical machine. We evaluate co-resident watermarking under many configurations, from a local lab environment to production cloud environments. We demonstrate the ability to initiate a covert channel of 4 bits per second, and we can confirm co-residency with a target VM instance in less than 10 seconds. We also show that passive load measurement of the target and behavior profiling is possible. Our investigation demonstrates the need for the careful design of hardware to be used in the cloud. This thesis includes unpublished co-authored material.en_US
dc.identifier.urihttps://hdl.handle.net/1794/12507
dc.language.isoen_USen_US
dc.publisherUniversity of Oregonen_US
dc.rightsAll Rights Reserved.en_US
dc.subjectCloud Computingen_US
dc.subjectCloud Securityen_US
dc.subjectCovert Channelen_US
dc.subjectNetwork Flow Watermarkingen_US
dc.titleDetecting Compute Cloud Co-residency with Network Flow Watermarking Techniquesen_US
dc.typeElectronic Thesis or Dissertationen_US

Files

Original bundle
Now showing 1 - 1 of 1
Thumbnail Image
Name:
Bates_oregon_0171N_10479.pdf
Size:
534.35 KB
Format:
Adobe Portable Document Format
Download

Collections

Theses and Dissertations
Computer Science Theses and Dissertations