Hyunwook Baek, Eric Eide, Robert Ricci, and Jacobus (Kobus) Van der Merwe

Proceedings of the 2018 ACM Symposium on Cloud Computing (SoCC) 2018.

DOI: 10.1145/3267809.3267843

© Copyright 2018 ACM

View PDF or BibTeX.

areas
Networking, Security, Cloud

abstract

Though there has been much study of information leakage channels exploiting shared hardware resources (memory, cache, and disk) in cloud environments, there has been less study of the exploitability of shared software resources. In this paper, we analyze the exploitability of cloud networking services (which are shared among cloud tenants) and introduce a practical method for building information leakage channels by monitoring workloads on the cloud networking services through the virtual firewall. We also demonstrate the practicality of this attack by implementing two different covert channels in OpenStack as well as a new class of side channels that can eavesdrop on infrastructure-level events. By utilizing a Long Short-Term Memory (LSTM) neural network model, our side channel attack could detect infrastructure level VM creation/termination events with 93.3% accuracy.