A Study on Microarchitectural Covert Channel Vulnerabilities in Infrastructure-as-a-Service. / Semal, Benjamin; Markantonakis, Konstantinos; Akram, Raja Naeem; Kalbantner, Jan.

2020. 360-377 Paper presented at 2nd Workshop on Cloud Security and Privacy, Rome, Italy.

Research output: Contribution to conference › Paper

E-pub ahead of print

BibTeX

@conference{60fbc7b8df314f66822a9cbfdd5ed103,
title = "A Study on Microarchitectural Covert Channel Vulnerabilities in Infrastructure-as-a-Service",
abstract = "Microarchitectural cross-VM covert channels are software-launched attacks which exploit multi-tenant environments' shared hardware. They enable transmitting information from a compromised system when the information flow policy does not allow to do so. These attacks represent a threat to the confidentiality and integrity of data processed and stored on cloud platforms. Although potentially severe, covert channels tend to be overlooked due to an allegedly strong adversary model. The literature focuses on mechanisms for encoding information through timing variations, without addressing practical considerations. Furthermore, the field lacks a realistic evaluation framework. Covert channels are usually compared to each other using the channel capacity. While a valuable performance metric, the capacity is inadequate to assess the severity of an attack. In this paper, we conduct a comprehensive study on the severity of microarchitectural covert channels in public clouds. State-of-the-art attacks are evaluated against the Common Vulnerability Scoring System in its most recent version (CVSS v3.1). The study shows that a medium severity score of 5.0 is achieved. In comparison, the SSLv3 POODLE (CVE-2014-3566) and OpenSSL Heartbleed (CVE-2014-0160) vulnerabilities achieved respective scores of 3.1 and 7.5. As such, the paper successfully demonstrates that covert channels are not theoretical threats, and that they require the immediate attention of the community. Furthermore, we devise a new and independent scoring system, the Covert Channel Scoring System (CCSS). The scoring of related works under the CCSS shows that cache-based covert channels, although more and more popular, are the least practical ones to deploy. We encourage authors of future cross-VM covert channel attacks to include a CCSS metric in their study, in order to account for deployment constraints and provide a fair point of comparison for the adversary model.",
author = "Benjamin Semal and Konstantinos Markantonakis and Akram, {Raja Naeem} and Jan Kalbantner",
year = "2020",
month = oct,
day = "14",
doi = "10.1007/978-3-030-61638-0_20",
language = "English",
pages = "360--377",
note = "2nd Workshop on Cloud Security and Privacy ; Conference date: 19-10-2020 Through 22-10-2020",
url = "https://www.albany.edu/cloudsp2020/index.html",
}

RIS

TY - CONF

T1 - A Study on Microarchitectural Covert Channel Vulnerabilities in Infrastructure-as-a-Service

AU - Semal, Benjamin

AU - Markantonakis, Konstantinos

AU - Akram, Raja Naeem

AU - Kalbantner, Jan

PY - 2020/10/14

Y1 - 2020/10/14

N2 - Microarchitectural cross-VM covert channels are software-launched attacks which exploit multi-tenant environments' shared hardware. They enable transmitting information from a compromised system when the information flow policy does not allow to do so. These attacks represent a threat to the confidentiality and integrity of data processed and stored on cloud platforms. Although potentially severe, covert channels tend to be overlooked due to an allegedly strong adversary model. The literature focuses on mechanisms for encoding information through timing variations, without addressing practical considerations. Furthermore, the field lacks a realistic evaluation framework. Covert channels are usually compared to each other using the channel capacity. While a valuable performance metric, the capacity is inadequate to assess the severity of an attack. In this paper, we conduct a comprehensive study on the severity of microarchitectural covert channels in public clouds. State-of-the-art attacks are evaluated against the Common Vulnerability Scoring System in its most recent version (CVSS v3.1). The study shows that a medium severity score of 5.0 is achieved. In comparison, the SSLv3 POODLE (CVE-2014-3566) and OpenSSL Heartbleed (CVE-2014-0160) vulnerabilities achieved respective scores of 3.1 and 7.5. As such, the paper successfully demonstrates that covert channels are not theoretical threats, and that they require the immediate attention of the community. Furthermore, we devise a new and independent scoring system, the Covert Channel Scoring System (CCSS). The scoring of related works under the CCSS shows that cache-based covert channels, although more and more popular, are the least practical ones to deploy. We encourage authors of future cross-VM covert channel attacks to include a CCSS metric in their study, in order to account for deployment constraints and provide a fair point of comparison for the adversary model.

AB - Microarchitectural cross-VM covert channels are software-launched attacks which exploit multi-tenant environments' shared hardware. They enable transmitting information from a compromised system when the information flow policy does not allow to do so. These attacks represent a threat to the confidentiality and integrity of data processed and stored on cloud platforms. Although potentially severe, covert channels tend to be overlooked due to an allegedly strong adversary model. The literature focuses on mechanisms for encoding information through timing variations, without addressing practical considerations. Furthermore, the field lacks a realistic evaluation framework. Covert channels are usually compared to each other using the channel capacity. While a valuable performance metric, the capacity is inadequate to assess the severity of an attack. In this paper, we conduct a comprehensive study on the severity of microarchitectural covert channels in public clouds. State-of-the-art attacks are evaluated against the Common Vulnerability Scoring System in its most recent version (CVSS v3.1). The study shows that a medium severity score of 5.0 is achieved. In comparison, the SSLv3 POODLE (CVE-2014-3566) and OpenSSL Heartbleed (CVE-2014-0160) vulnerabilities achieved respective scores of 3.1 and 7.5. As such, the paper successfully demonstrates that covert channels are not theoretical threats, and that they require the immediate attention of the community. Furthermore, we devise a new and independent scoring system, the Covert Channel Scoring System (CCSS). The scoring of related works under the CCSS shows that cache-based covert channels, although more and more popular, are the least practical ones to deploy. We encourage authors of future cross-VM covert channel attacks to include a CCSS metric in their study, in order to account for deployment constraints and provide a fair point of comparison for the adversary model.

U2 - 10.1007/978-3-030-61638-0_20

DO - 10.1007/978-3-030-61638-0_20

M3 - Paper

SP - 360

EP - 377

T2 - 2nd Workshop on Cloud Security and Privacy

Y2 - 19 October 2020 through 22 October 2020

ER -