Exploring Information Leakage in Third-Party Compute Clouds


Presentation on theme: "Exploring Information Leakage in Third-Party Compute Clouds"— Presentation transcript:

1 Exploring Information Leakage in Third-Party Compute Clouds

2 (figure slide; no transcript text)

3 Introduction
- Cloud computing: applications delivered as services over the internet
- Hardware and systems software in the data centers

4 SaaS, PaaS, and IaaS

5 Infrastructure as a Service
- Infrastructure: server, storage, network, data center, ...
- User does not manage the underlying cloud infrastructure
- User specifies when to request and release resources
- Example: Amazon EC2

6 Software as a Service
- Browser-initiated application software
- User: no upfront investment in services or software licensing
- Provider: low costs
- Example: Google Apps

7 Platform as a Service
- Between IaaS and SaaS
- Enables users to deploy user-built applications onto a virtualized cloud platform
- Example: Windows Azure

8 Cloud Computing Infrastructure
- Local computing (left figure)
- Cloud computing (right figure)

9 Cloud providers
- Third-party cloud computing: Microsoft Azure, Amazon EC2, Google AppEngine, Rackspace Mosso, Baidu Cloud

10 Benefits and risks: Benefits
- Economies of scale: huge data centers
- Low capital expenditure
- Dynamic provisioning (under-utilization or saturation)

11 Benefits and risks: Risks
- Inherited risk between client and cloud provider: stable? trustworthy?
- Implicit threat from other clients due to shared physical resources

12 Virtualized cloud platforms
- Figure: management VM (dom0) and work VMs running on a hypervisor over the hardware
- Examples: Amazon EC2, Microsoft Azure, OpenStack, Rackspace Hosting

13 Data breaches on the cloud are a common occurrence
- Microsoft: spying on an employee's Hotmail account
- Google employee: spying on children's data
- NSA: Snowden data leaks
- Enterprises like banks and finance companies prefer in-house cloud offerings over public cloud platforms

14 The threat model
- On the cloud, we have providers, administrators and other clients (figure: provider, administrator)

15 (figure: management VM (dom0), work VMs, hypervisor, hardware)

16 Example: Malware detection
- Figure: a checking daemon in the management VM processes the client VM's code and data pages against a security policy, then alerts the user or resumes the guest
- Example: Gibraltar (Baliga, Ganapathy and Iftode, ACSAC '08)

17 Problem
- Clients must rely on the provider to deploy customized services (same figure as slide 16)

18 Malicious cloud administrator
- Problem: client code and data secrecy and integrity are vulnerable to attack by a malicious cloud administrator (same figure as slide 16)

19 An interlude
Suppose that you are a cloud provider. You claim to provide a certain hardware/VM/OS configuration and charge me accordingly. I am a client and have paid you for a certain HW/SW configuration. How do I know that I'm getting what I paid for? How do I know that your software stack isn't snooping on my activities?

20 One answer: Trusted hardware
- The Trusted Platform Module (TPM): widely available, currently on most modern motherboards; about $5 to purchase
- Next lecture: Software Guard Extensions (SGX), an upcoming trusted hardware architecture from Intel

21 Hey you, get off my cloud
- Multiplexing VMs on the same physical hardware (potential threat!)

22 Motivation & Goal
- Motivation: the authors fear that confidentiality within compute clouds will be compromised (medical records, e-commerce credit cards, etc.)
- Goal: prove the existence of a confidentiality breach within EC2; suggest countermeasures

23 Procedure Overview
- Placement: placing the adversary's VM on the physical machine that hosts the victim's VM
  - Attacker-victim VM co-residence strategy
  - Proving co-residence
- Extraction: extract confidential information via "manipulation of shared physical resource" ("information leakage"), i.e. side-channel attacks

24 Threat Model (for this paper)
- Adversaries are non-provider-affiliated malicious third parties
- Victims are running confidentiality-requiring services in the cloud
- Attackers are either interested in attacking some known hosted services or a particular victim service
- Enabled by cloud computing relying on the same physical computing resources

25 Probing and Attacking Strategy
The paper studies the risk of attacks along the following questions:
- Can one determine where in the cloud infrastructure an instance is located?
- Can one easily determine if two instances are co-resident on the same physical machine?
- Can an adversary launch instances that will be co-resident with other users' instances?
- Can an adversary exploit cross-VM information leakage once co-resident?

26 Amazon AWS and EC2
- Best known as Amazon Web Services and Elastic Compute Cloud
- Flexibly rent computing resources (on demand)
- Ability to run VMs with guest OSs such as Linux/Ubuntu/FreeBSD/OpenSolaris/Windows
- Xen hypervisor and Domain0 (privileged VM) to manage guest images, resource provisioning and access control

27 Amazon EC2
- Register an Amazon AWS account
- Create VM images with your choice of OS
- Bring up one or more instances of the VM images

28 Amazon EC2
- Three degrees of freedom in specifying the physical infrastructure where instances should run:
  - Regions (US, Europe, Asia, etc.)
  - Availability zones (power/network connectivity)
  - Instance type (micro, small, medium, large, xlarge): 32/64-bit with different computing power/memory/storage capacity
- VMs are placed on available physical servers shared by multiple instances

29 Amazon EC2
- VMs have access to many network probing tools: nmap, hping, wget
- Arbitrary attack code which attacks other guest OSs (VM instances)
- External vs. internal probes

30 Cloud Cartography
- Map the EC2 service to understand where potential targets are located in the cloud
- Hypothesis: availability zones and instance types correspond to different internal IP addresses
- Methods: surveying public servers on EC2; launching various types of EC2 instances

31 Fuller map of EC2
- Public EC2 IP addresses: unique internal IPs responsive to port 80/443
- IPs from the same /16 are in the same zone
- /24s containing a Dom0 IP address

32 Cloud Cartography (figure)

33 Mapping Significance
- Showed that the internal IPs assigned correlate with zone and VM type
- An adversary can infer the zone and instance type of the target
- Such patterns can be exploited to ensure maximum likelihood of co-residence
- Prevention of mapping: remove clustering based on zone & VM type; make it harder to map external/internal IPs (VLANs and bridging)

34 Co-residence Proof
- Matching Dom0 IP address
- Small packet round-trip times
- Numerically close internal IP addresses

35 Co-residence Proof: Matching Dom0 IP
- Dom0 is the specially privileged "first guest OS", which manages routing of traffic to the other guest VMs
- Two traceroutes are used to identify it: first hop = attacker instance's Dom0 IP; last hop = victim instance's Dom0 IP
- Done on a different physical machine
- 31 out of 400 pairs of instances were found to have equal Dom0 addresses

36 Co-residence Proof: Round-trip times and numerically close IPs
- Small packet round-trip times between instances
- Numerically close internal IPs (within 7)
- Only 8 VM instances on a physical machine

37 Co-residency Obfuscation
- Dom0 does not respond to traceroute
- Randomly assign internal IP addresses
- Isolate accounts
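As an added illustration (not code from the slides or the paper) of why the mapping in slides 30-33 works and why the obfuscation in slide 37 defeats it, here is a constructed provider-side audit in Python. It simulates two internal-address policies, a clustered one that gives every (zone, instance type) pair its own /16, and a randomized one, and measures how well the /16 prefix alone predicts an instance's zone or type. The zone names, instance types, the 10.N.0.0/16 blocks and the `audit` function are all assumptions made for this example.

```python
import random
from collections import Counter, defaultdict

# Constructed fleet parameters (not real EC2 zones, types or address ranges).
ZONES = ["zone-a", "zone-b", "zone-c"]
TYPES = ["small", "large"]
# Clustered policy: one 10.N.0.0/16 block per (zone, type) pair, mirroring the
# correlation between internal IPs and zone/type that the paper observed.
BLOCKS = {(z, t): (10 << 24) | (i << 16)
          for i, (z, t) in enumerate((z, t) for z in ZONES for t in TYPES)}


def _host_in_block(rng, block):
    # A random host address inside the /16 (avoiding .0.0 and .255.255).
    return block | rng.randrange(1, 0xFFFF)


def assign_clustered(rng, n):
    """Each instance gets an address from its own (zone, type) block."""
    fleet = []
    for _ in range(n):
        z, t = rng.choice(ZONES), rng.choice(TYPES)
        fleet.append((_host_in_block(rng, BLOCKS[(z, t)]), z, t))
    return fleet


def assign_random(rng, n):
    """Obfuscated policy (slide 37): any instance may land in any block."""
    blocks = list(BLOCKS.values())
    fleet = []
    for _ in range(n):
        z, t = rng.choice(ZONES), rng.choice(TYPES)
        fleet.append((_host_in_block(rng, rng.choice(blocks)), z, t))
    return fleet


def prefix_inference_accuracy(fleet, label):
    """Fraction of instances whose /16's majority label equals their own label.

    label is "zone" or "type". 1.0 means the prefix alone reveals the label,
    which is exactly what cloud cartography relies on; a value near
    1/len(labels) means the prefix carries no usable information.
    """
    idx = {"zone": 1, "type": 2}[label]
    per_prefix = defaultdict(Counter)
    for entry in fleet:
        per_prefix[entry[0] >> 16][entry[idx]] += 1
    correct = sum(c.most_common(1)[0][1] for c in per_prefix.values())
    return correct / len(fleet)


def audit(policy, n=300, seed=1):
    """Build a fleet under the named policy and return both accuracies."""
    rng = random.Random(seed)
    fleet = {"clustered": assign_clustered, "random": assign_random}[policy](rng, n)
    return {lbl: prefix_inference_accuracy(fleet, lbl) for lbl in ("zone", "type")}


if __name__ == "__main__":
    for policy in ("clustered", "random"):
        print(policy, audit(policy))
```

Under the clustered policy both accuracies come out at 1.0; under the randomized policy they drop towards chance (1/3 for zone, 1/2 for type), which is the property a provider would want to verify after changing its address assignment.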

38 Exploring Placement in EC2
- No 2 instances from 1 account run simultaneously on the same physical machine: N instances would run on N separate machines
- One physical machine supports a maximum of 8 m1.small instances: no chance to penetrate if the target's instance is on a full machine
- Placement locality: sequential placement vs. parallel placement

39 Exploiting Placements in EC2
- Method 1: Brute-forcing
  - Target a victim; infer the likely zone and instance type from the cloud map
  - Initiate many instances of the same zone and type as the victim over a long time period
  - Check for co-residence
  - Of 1686 victims, 141 successful co-residencies using 1785 attacker instances: 8.4% coverage

40 Exploiting Placements in EC2
- Method 2: Abusing placement locality
  - Effects of zone/account/time of day
  - Effects of increased time lag
  - On targeting commercial instances

41 Exploiting Placements in EC2
- The effect of increased time lag (figure)

42 Exploiting Placements in EC2: Anti-Placement Strategy
- The authors suggest letting users control where their VM instances run
- Users decide whom to share hardware with
- Users pay extra for the loss of efficiency
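To make the placement observations of slides 38-42 concrete, here is an added toy placement simulator in Python (constructed for this transcript, not code from the paper or from EC2). It encodes the two rules stated on slide 38, one instance per account per machine and at most 8 m1.small instances per machine, with a simplified "placement locality" scheduler that fills the most recently used machine first. It then measures how many of a victim's instances an adversary launching right afterwards shares hardware with, how that share drops as other tenants' launches intervene (the time-lag effect of slides 40-41), and how the user-controlled isolation of slide 42 removes it. The machine count, the scheduler rule and the account names are assumptions.

```python
import random

CAPACITY = 8   # max m1.small instances per physical machine (slide 38)


class Cloud:
    """Toy placement model: each machine holds the account ids of its instances."""

    def __init__(self, n_machines, rng=None):
        self.machines = [[] for _ in range(n_machines)]
        self.last_used = [-1] * n_machines   # sequence number of the last placement
        self.dedicated = {}                  # machine index -> account owning it exclusively
        self.rng = rng or random.Random(0)
        self.clock = 0

    def eligible(self, account):
        """Machines with free capacity, no instance of this account yet (slide 38)
        and not dedicated to someone else (slide 42)."""
        return [i for i, m in enumerate(self.machines)
                if len(m) < CAPACITY and account not in m
                and self.dedicated.get(i, account) == account]

    def launch(self, account, policy="locality", isolate=False):
        """Place one instance and return the index of the machine it landed on."""
        cands = self.eligible(account)
        if isolate:
            # User-controlled placement: only machines reserved for this account.
            cands = [i for i in cands if self.dedicated.get(i) == account]
            if not cands:
                free = [i for i in range(len(self.machines))
                        if not self.machines[i] and i not in self.dedicated]
                cands = [free[0]]
                self.dedicated[free[0]] = account
        if policy == "locality":
            # Sequential placement: the most recently used machine with room wins.
            target = max(cands, key=lambda i: (self.last_used[i], -i))
        else:
            target = self.rng.choice(cands)   # parallel/random spread
        self.machines[target].append(account)
        self.last_used[target] = self.clock
        self.clock += 1
        return target

    def coresident_fraction(self, victim, attacker):
        """Share of the victim's instances that sit on a machine with an attacker instance."""
        hits = sum(1 for m in self.machines if victim in m and attacker in m)
        total = sum(1 for m in self.machines if victim in m)
        return hits / total


def run(policy="locality", lag=0, isolate=False, n_machines=50,
        n_victim=5, n_attacker=5, seed=0):
    """The victim launches n_victim instances, `lag` unrelated tenants launch one
    instance each in between, then the attacker launches n_attacker instances.
    Returns the fraction of victim instances that ended up co-resident."""
    cloud = Cloud(n_machines, random.Random(seed))
    for _ in range(n_victim):
        cloud.launch("victim", policy, isolate)
    for k in range(lag):
        cloud.launch(f"tenant-{k}", policy)
    for _ in range(n_attacker):
        cloud.launch("attacker", policy)
    return cloud.coresident_fraction("victim", "attacker")


if __name__ == "__main__":
    for lag in (0, 20, 40):
        print(f"locality, lag={lag:2d}: {run('locality', lag):.2f}")
    print(f"locality, isolated victim: {run('locality', 0, isolate=True):.2f}")
    print(f"random placement:          {run('random'):.2f}")
```

With the locality scheduler and no lag every victim instance is co-resident; with 20 intervening launches only 3 of the 5 victim machines still have room, and with 40 all of them are full, so the attacker cannot land there at all (the "full machine" point of slide 38). An isolated victim is never co-resident with another account regardless of lag.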

43 Cross-VM Information Leakage
- Side channels to learn information about co-resident instances
- Other channels: network access, CPU branch predictors and instruction caches, DRAM memory bus, etc.
- Prime + Trigger + Probe measurement technique
  - Prime: read B at s-byte offsets in order to ensure it is cached
  - Trigger: busy-loop until the CPU's cycle counter jumps by a large value
  - Probe: measure the time it takes to again read B at s-byte offsets

44 Cross-VM Information Leakage
- Load-based co-residence detection

45 Cross-VM Information Leakage
- Estimating traffic rates
- Keystroke timing attack: a victim inputting an SSH password becomes insecure
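An added model (not code from the paper or the slides) of the Prime + Trigger + Probe measurement of slide 43 and the load-based co-residence detection of slide 44, written in Python over a simulated set-associative LRU cache so that the mechanism can be studied without touching hardware. The attacker primes the sets with its own lines, the co-resident victim's activity is stepped explicitly in place of the cycle-counter trigger, and the probe counts the attacker lines that were evicted. The latency constants, cache geometry and all function names are constructed; the last function shows a partition-based mitigation that the slides do not cover.

```python
HIT_NS, MISS_NS = 4, 80   # constructed latency model: cache hit vs. memory access


class LRUCache:
    """Set-associative cache; each set is an LRU list of (owner, tag), MRU last.
    Tagging lines with their owner stands in for distinct physical pages."""

    def __init__(self, sets, ways, line=64):
        self.sets, self.ways, self.line = sets, ways, line
        self.content = [[] for _ in range(sets)]

    def set_index(self, addr):
        return (addr // self.line) % self.sets

    def access(self, owner, addr):
        """Touch one line; return True on hit, False on miss (LRU eviction)."""
        s = self.content[self.set_index(addr)]
        key = (owner, addr // (self.line * self.sets))
        if key in s:
            s.remove(key)
            s.append(key)
            return True
        if len(s) >= self.ways:
            s.pop(0)
        s.append(key)
        return False


def attacker_buffer(cache, sets_used):
    """Addresses of buffer B: one line per (way, set), so reading B fills those sets."""
    return [(w * cache.sets + s) * cache.line
            for w in range(cache.ways) for s in sets_used]


def victim_activity(cache, sets_touched, lines_per_set=1):
    """Stand-in for the trigger phase: the co-resident VM runs and pulls its own
    lines into the given sets (tags 1000+ keep them distinct from B)."""
    for s in sets_touched:
        for k in range(lines_per_set):
            cache.access("victim", ((1000 + k) * cache.sets + s) * cache.line)


def prime_trigger_probe(cache, buf, victim_sets, lines_per_set=1):
    """Return (misses per set, modelled probe time in ns)."""
    for a in buf:                              # Prime: read B so every line is cached
        cache.access("attacker", a)
    victim_activity(cache, victim_sets, lines_per_set)   # Trigger (modelled)
    misses = [0] * cache.sets
    total_ns = 0
    for a in reversed(buf):                    # Probe: re-read B; reverse order avoids
        hit = cache.access("attacker", a)      # evicting B lines not yet probed
        if not hit:
            misses[cache.set_index(a)] += 1
        total_ns += HIT_NS if hit else MISS_NS
    return misses, total_ns


def load_detected(sets=8, ways=4, victim_sets=(2, 5)):
    """Load-based co-residence detection (slide 44): probe time with the victim
    busy compared against a baseline taken with the victim idle."""
    idle_cache, busy_cache = LRUCache(sets, ways), LRUCache(sets, ways)
    buf = attacker_buffer(idle_cache, range(sets))
    _, idle_ns = prime_trigger_probe(idle_cache, buf, [])
    _, busy_ns = prime_trigger_probe(busy_cache, buf, victim_sets)
    return busy_ns > idle_ns, idle_ns, busy_ns


def partitioned_probe(sets=8, ways=4):
    """Mitigation: attacker and victim get disjoint halves of the sets (as page
    colouring would enforce), so victim activity can no longer evict B."""
    cache = LRUCache(sets, ways)
    buf = attacker_buffer(cache, range(sets // 2))
    misses, _ = prime_trigger_probe(cache, buf, range(sets // 2, sets),
                                    lines_per_set=ways)
    return misses


if __name__ == "__main__":
    cache = LRUCache(8, 4)
    buf = attacker_buffer(cache, range(8))
    print("misses per set:", prime_trigger_probe(cache, buf, [2, 5])[0])
    print("load detected:", load_detected())
    print("partitioned:", partitioned_probe())
```

The per-set miss counts in the probe reveal exactly which sets the victim touched, and the total probe time rises with the victim's load, which is all the load-based detector needs. Once the two tenants are confined to disjoint sets the probe sees no misses at all, which is why cache partitioning removes this channel.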

46 Conclusions
- Contributions:
  - Identified security risks of EC2
  - Tied together exploits using
  - Addressed legal and ethical concerns
- Solutions/Suggestions
