A Study of Microarchitectural Covert Channel Vulnerabilities in Public Clouds. / Semal, Benjamin; Markantonakis, Konstantinos; Akram, Raja Naeem.


Research output: Contribution to conferencePaper

E-pub ahead of print


  • Accepted Manuscript

    Accepted author manuscript, 304 KB, PDF document


Data confidentiality is put at risk on cloud platforms where multiple tenants share the underlying hardware. As multiple workloads are executed concurrently, conflicts in memory resource occur, resulting in observable timing variations during execution. Malicious tenants can intentionally manipulate the hardware platform to devise a covert channel, enabling them to steal the data of co-residing tenants. While potentially disastrous, covert channel attacks inherently rely on a strong adversary model. The attacker needs to run malicious code (i.e. the sending-end) in the victim's environment. This paper studies the feasibility of timing-based microarchitectural covert channels on public cloud platforms. We analyze existing cross-VM microarchitectural covert channels and describe their basic concept. A threat model based on the ``remote insider'' adversary is proposed, which benefits from the complexity of the software supply chain. Our analysis demonstrates that even a weak adversary can insert a covert channel trojan in third-party cloud instances. This work is the first comprehensive threat analysis of microarchitectural covert channel attacks against public clouds. The paper concludes on new research directions in addressing covert channel vulnerabilities.
Original languageEnglish
Publication statusE-pub ahead of print - 2020

ID: 36215353