Cache attack detection in virtualized environments

Abstract Cache Side Channel (CSC) attacks are prominent security threats in modern day processors. CSC attacks have caused a large impact in security and widespread concern in information security community. The objective of CSC attacks is to crack the confidentiality of a computer system and extract sensitive secrets through CPU caches. CSC attacks do not require any specific permission and just need access to a shared cache. CSC attacks are subtle, powerful and much more feasible in virtualized environments than in non-virtualized environments. To help protect security in virtualization environments, CSC attacks detection methods have become critical and important. The Flush+Flush cache attack technique, as the most recent CSC attack variant demonstrated that the state-of-the-art discovery methods can be simply sidestepped. In this paper, we introduce novel approach that make the detection of Flush+Flush cache attack in virtualized environments.

[1]  Klaus Wagner,et al.  Flush+Flush: A Fast and Stealthy Cache Attack , 2015, DIMVA.

[2]  Ramesh Chandra Poonia,et al.  Case Study on WSN Based Smart Home Garden with Priority Driven Approach , 2017, J. Cases Inf. Technol..

[3]  Ruby B. Lee,et al.  Analyzing Cache Side Channels Using Deep Neural Networks , 2018, ACSAC.

[4]  Linesh Raja,et al.  A study on m-health inline with the sensors applying for a real time environment , 2017 .

[5]  Linesh Raja,et al.  Improved intelligent transport system for reliable traffic control management by adapting internet of things , 2017, INFOCOM 2017.

[6]  Biswabandan Panda Cache Based Side-Channel Attacks , 2020 .

[7]  Jean-Marc Menaud,et al.  Side-channels beyond the cloud edge: New isolation threats and solutions , 2017, 2017 1st Cyber Security in Networking Conference (CSNet).

[8]  Sherali Zeadally,et al.  Virtualization: Issues, security threats, and solutions , 2013, CSUR.

[9]  Cemal Yilmaz,et al.  SpyDetector: An approach for detecting side-channel attacks at runtime , 2018, International Journal of Information Security.

[10]  Klaus Wagner,et al.  Flush+Flush: A Stealthier Last-Level Cache Attack , 2015, ArXiv.

[11]  Guy Gogniat,et al.  Run-time Detection of Prime + Probe Side-Channel Attack on AES Encryption Algorithm , 2018, 2018 Global Information Infrastructure and Networking Symposium (GIIS).

[12]  Jean-Louis Lanet,et al.  Innovative Security Solutions for Information Technology and Communications , 2018, Lecture Notes in Computer Science.

[13]  Darshan Tank Security and Privacy Issues, Solutions, and Tools for MCC , 2017 .

[14]  Yue Yin,et al.  Detecting Virtualization Specific Vulnerabilities in Cloud Computing Environment , 2017, 2017 IEEE 10th International Conference on Cloud Computing (CLOUD).

[15]  Gorka Irazoqui Apecechea,et al.  S$A: A Shared Cache Attack That Works across Cores and Defies VM Sandboxing -- and Its Application to AES , 2015, 2015 IEEE Symposium on Security and Privacy.

[16]  ZiHao Wang,et al.  Zero in and TimeFuzz: Detection and Mitigation of Cache Side-Channel Attacks , 2018, SecITC.

[17]  Linesh Raja,et al.  On-Demand Routing Protocols for Vehicular Cloud Computing , 2021, Research Anthology on Architectures, Frameworks, and Integration Strategies for Distributed and Cloud Computing.

[18]  Nirbhay Chaubey,et al.  Virtualization vulnerabilities, security issues, and solutions: a critical study and comparison , 2019, International Journal of Information Technology.

[19]  Daisuke Miyamoto,et al.  Leveraging KVM Events to Detect Cache-Based Side Channel Attacks in a Virtualization Environment , 2018, Secur. Commun. Networks.