Written by: Thomas Ristenpart, Eran Tromer, Hovav Shacham,
Presentation transcript:

“Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds”
Written by: Thomas Ristenpart, Eran Tromer, Hovav Shacham, Stefan Savage
Presented by: Ibrahim Elsayed

Overview
- What is the cloud?
- New threats in cloud computing
- Research questions
- Experiment
  - Explore cloud infrastructure
  - Determine co-residency
  - Achieve co-residency
  - Exploit information
- What can we do?
- Conclusion

Cloud Computing
What is the cloud? The new infrastructure for hosting data and deploying software and services.
Benefits:
- Cost savings
- Scalability
- Flexibility

Cloud Computing
On-demand computing outsourcing. Examples:
- Amazon’s EC2 (Elastic Compute Cloud)
- Microsoft’s Azure Service Platform
- Rackspace’s Mosso
New threats:
- Trust relationship between customer and cloud provider
- Multi-tenancy (security threat)

Multi-tenancy
Your instance is placed on the same server as other customers’ instances.

Research Motivation
- Explore the threats of multi-tenancy in cloud computing
- Provide experimental results on the impact of these threats, using a real cloud service provider (Amazon EC2) as a case study

Research Questions
- Can one determine where in the cloud infrastructure an instance is located?
- Can one easily determine if two instances are co-resident on the same physical machine?
- Can an adversary launch instances that will be co-resident with other users’ instances?
- Can an adversary exploit cross-VM information leakage once co-resident?

AMAZON ELASTIC COMPUTE CLOUD - EC2
- Scalable, pay-as-you-go compute capacity in the cloud
- Customers can run different operating systems within a virtual machine
- Different regions and availability zones

Attack
The attack considered requires two main steps:
1. Placement: place a malicious VM on the same physical machine as the victim’s.
2. Extraction: extract confidential information from the victim via a side-channel attack.

Attacker
- Not affiliated with the provider (a third-party user)
- Can run many instances at the same time
- Can create multiple accounts
- Up to 20 instances per account

Cloud Cartography
- Try to learn how Amazon places instances, in order to carry out the attack
- Each instance is assigned an internal and an external IP address
- Review the addresses assigned to a large number of launched instances

Determining Co-Residence
Co-resident: instances running on the same machine.
Network-based co-residence checks:
- Matching Dom0 (host domain) IP address
- Small packet round-trip times: measure 10 RTTs; the first is always slow, so use the last 9
- Numerically close internal IP addresses (within 7)
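The three network-based indicators above, turned around and used from a tenant’s side: checking that your own replicas do not share a host is the practical form of the "avoid co-residence" advice given later in the talk. This is an added example, not code from the paper or the talk; the RTT threshold, the sample fleet and measurements, and the rule for combining the indicators are my assumptions, not values the slides give.

```python
import ipaddress
import statistics
from dataclasses import dataclass

# Added example, not the paper's code. The three indicators are from the slide; the RTT
# threshold is an assumption (the slide gives none) and the combination rule is mine.
IP_DISTANCE_LIMIT = 7        # slide: co-resident internal IPs lie within 7 of each other
RTT_CO_RESIDENT_US = 150.0   # assumed: median small-packet RTT on the same host stays below this

@dataclass
class Instance:
    name: str
    internal_ip: str
    dom0_ip: str   # first hop on a traceroute out of the instance, i.e. the host's Dom0

def ip_distance(a: str, b: str) -> int:
    """Numeric distance between two internal IPv4 addresses."""
    return abs(int(ipaddress.ip_address(a)) - int(ipaddress.ip_address(b)))

def median_rtt_us(samples: list) -> float:
    """Slide: take 10 RTTs; the first is always slow, so use only the last 9."""
    return statistics.median(samples[1:10])

def co_residence_indicators(a: Instance, b: Instance, rtt_a_to_b_us: list) -> dict:
    """The three network-based checks from the slide, each as a boolean."""
    return {
        "dom0_match": a.dom0_ip == b.dom0_ip,
        "ip_close": ip_distance(a.internal_ip, b.internal_ip) <= IP_DISTANCE_LIMIT,
        "rtt_small": median_rtt_us(rtt_a_to_b_us) < RTT_CO_RESIDENT_US,
    }

def likely_co_resident(a: Instance, b: Instance, rtt_a_to_b_us: list) -> bool:
    """Dom0 match is the strongest signal; require it plus one corroborating check."""
    ind = co_residence_indicators(a, b, rtt_a_to_b_us)
    return ind["dom0_match"] and (ind["ip_close"] or ind["rtt_small"])

def pairs_to_separate(fleet: list, rtts: dict) -> list:
    """Pairs of your own instances that should be re-placed on different hosts."""
    return [(x.name, y.name) for i, x in enumerate(fleet) for y in fleet[i + 1:]
            if likely_co_resident(x, y, rtts[(x.name, y.name)])]

# Constructed sample fleet and measurements: web-1 and web-2 look co-resident, web-3 does not.
FLEET = [Instance("web-1", "10.251.122.10", "10.251.122.1"),
         Instance("web-2", "10.251.122.14", "10.251.122.1"),
         Instance("web-3", "10.251.200.37", "10.251.200.1")]
RTTS = {  # RTTS[(x, y)] = 10 small-packet RTTs from x to y, in microseconds
    ("web-1", "web-2"): [910.0, 118.0, 121.0, 117.0, 123.0, 119.0, 120.0, 122.0, 116.0, 124.0],
    ("web-1", "web-3"): [1900.0, 640.0, 655.0, 648.0, 661.0, 652.0, 645.0, 659.0, 650.0, 647.0],
    ("web-2", "web-3"): [1850.0, 638.0, 651.0, 644.0, 660.0, 649.0, 643.0, 657.0, 653.0, 646.0],
}
```

Run `pairs_to_separate(FLEET, RTTS)` to get the pairs that need re-placement; only (web-1, web-2) shares a Dom0 and lies within the address and RTT bounds.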

Achieving Co-Residency
Two main techniques are presented to become co-resident with another user’s instance:
- Brute force: launch many instances over a relatively long period of time.
- Abusing placement locality: target recently launched instances.

Brute-Force Placement
- Launch many instances within a time frame
- If co-resident, placement succeeded; else, terminate the probe instance
- Of 1686 target victims, co-residence was achieved with 141 victim servers (8.4% coverage of targets)
- Max 20 simultaneous instances for one account
- Allows a reasonable success rate when used against large target sets

Placement Locality
Recall that one of the main features of cloud computing is to run servers only when needed. This suggests that servers are often run on instances, terminated when not needed, and later launched again. The key idea is to catch the moment at which the victim turns on (relaunches) their instance.

EC2 Placement Policy
Placement locality:
- Sequential placement locality: two instances run sequentially (one starts after the other terminates) are often assigned to the same machine.
- Parallel placement locality: two instances from distinct accounts run at roughly the same time are often assigned to the same machine.

Placement Locality
- Attack recently launched instances (temporal locality)
- Monitor a server’s state (e.g., via network probing)
- Launch lots of instances right after the launch of the victim’s instance
Experiment:
- A single victim instance is launched
- The attacker launches 20 instances within 5 minutes (in the appropriate zone and of the appropriate type)
- Perform the co-residence check

Placement Locality
Experiments achieved a 40% coverage of targets.

Exploiting Co-Residence
- The CPU contains a small and fast memory cache shared by all instances.
- If the attacker accesses the memory, it is served from the cache.
- If the victim accesses the memory, the cache fills up and the attacker notices a slow-down.

Exploiting Co-Residence
- A time-shared cache allows an attacker to measure when other instances are experiencing computational load
- Web traffic monitoring

Exploiting Co-Residence
- The attacker can also deduce the memory access patterns of the victim
- Example: if the victim is performing RSA or AES decryption, the access patterns are determined by the secret key
- An attacker can steal an AES secret key in 65 milliseconds

Keystroke Timing Attack
- Cache load measurements are used to mount a keystroke attack
- The goal is to measure the time between keystrokes made by a victim typing a password
- Report a keystroke when the probe measurement is between 3.1 μs and 9 μs (the upper threshold filters out unrelated activity)
- Inter-keystroke times, if properly measured, can be used to recover the password

Inhibiting Side-Channel Attacks
- Blinding techniques: cache wiping, random delay insertion, adjusting the machine’s perception of time
- But are these effective? Usually impractical and application-specific
- It may not be possible to PLUG all side channels
- Only way: AVOID co-residence
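The two slides above fit together: the keystroke-band filter (3.1 to 9 μs, with the upper bound dropping unrelated load) turns a probe trace into inter-keystroke times, and random delay insertion is the blinding technique aimed at that signal. The following added example, not code from the paper or the talk, runs both over a constructed probe trace (no cache is measured) to show why the upper threshold is needed and how inserted delay distorts the recovered intervals; the trace resolution, probe magnitudes and delay model are my assumptions.

```python
import random

# Added example, not the paper's code. The keystroke band is the slide's (3.1-9 us);
# the probe trace is constructed and the random-delay model is an assumption.
LOW_US, HIGH_US = 3.1, 9.0   # slide: a probe measurement in this band is reported as a keystroke

def keystroke_times_ms(trace):
    """trace: list of (time_ms, probe_us). Keep samples inside the keystroke band;
    the upper bound drops unrelated heavy load, the lower bound drops idle probes."""
    return [t for t, probe_us in trace if LOW_US <= probe_us <= HIGH_US]

def inter_keystroke_ms(times_ms):
    """Consecutive gaps; this is the signal a password-recovery model would consume."""
    return [b - a for a, b in zip(times_ms, times_ms[1:])]

def make_trace(key_times_ms, load_times_ms, delay_ms=lambda: 0.0):
    """Constructed probe trace at 10 ms resolution: idle ~1 us, a keystroke ~5 us,
    unrelated heavy load ~20 us. delay_ms() models random delay inserted by the
    victim before a keystroke is processed (the countermeasure from the slide)."""
    probes = {t: 1.0 for t in range(0, 2000, 10)}
    for t in load_times_ms:
        probes[t] = 20.0
    for t in key_times_ms:
        probes[round((t + delay_ms()) / 10) * 10] = 5.0
    return sorted(probes.items())

TRUE_KEYS_MS = [200, 350, 430, 700, 880]        # constructed typing rhythm
UNRELATED_LOAD_MS = [100, 500, 1200, 1500]      # constructed cron-like bursts (above the band)

def recovered_intervals(delay_ms=lambda: 0.0):
    """Inter-keystroke times an observer recovers from the constructed trace."""
    trace = make_trace(TRUE_KEYS_MS, UNRELATED_LOAD_MS, delay_ms)
    return inter_keystroke_ms(keystroke_times_ms(trace))

def jittered_intervals(max_delay_ms=100, seed=1):
    """Random delay insertion: each keystroke is processed up to max_delay_ms late,
    so the recovered gaps no longer match the victim's real typing rhythm."""
    rng = random.Random(seed)
    return recovered_intervals(lambda: rng.uniform(0, max_delay_ms))
```

Without delay the recovered gaps equal the true rhythm exactly; with delay comparable to the inter-keystroke gaps they diverge, and keystrokes that land in the same probe slot are lost altogether.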

Research Questions - Answered
- Can one determine where in the cloud infrastructure an instance is located? - Yes.
- Can one easily determine if two instances are co-resident on the same physical machine?
- Can an adversary launch instances that will be co-resident with other users’ instances?
- Can an adversary exploit cross-VM information leakage once co-resident? - Sort of.

Summary
- New risks from cloud computing exposed
- Shared physical infrastructure may, and most likely will, cause problems
- Practical attack performed
- Countermeasure suggested

Resources
- https://cse.sc.edu/~huangct/CSCE813F15/CCS09_cloudsec.pdf
- https://eprint.iacr.org/2005/271.pdf
- http://rump2009.cr.yp.to/8d9cebc9ad358331fcde611bf45f735d.pdf
- http://zoo.cs.yale.edu/classes/cs722/2011/esyta_cloud.pdf