How Kernel Randomization is Canceling Memory Deduplication in Cloud Computing Systems

Cloud computing has dramatically changed the way we play, work and live. It has been widely adopted across many sectors, mainly because it reduces the cost of performing tasks in a flexible, scalable and reliable way. The highest possible level of protection must be applied in order to provide a secure cloud computing architecture. Unfortunately, the cloud computing paradigm introduces new scenarios in which security protection techniques are weakened or disabled to obtain better performance and resource utilisation. An important case is the memory deduplication mechanism, which is canceled by the address space layout randomization (ASLR) protection technique. In this paper, we present a precise analysis of the impact on memory deduplication when kernel randomization is enabled. Our experiments show that the memory overhead of running 24 kernels increases by 534% (from 613 MiB to 3.9 GiB) when kernel ASLR is enabled.
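The interaction the abstract describes can be reproduced with a small model. The following is an added example, not code from the paper: it builds toy kernel images for 24 VMs from one shared "binary", in which some pages contain absolute pointers relocated against the kernel base, then counts pages the way a content-based deduplicator such as KSM would. The base address, the 2 MiB-aligned slide and the pointer layout are assumptions for illustration, not any real kernel's KASLR algorithm.

```python
import hashlib
import random
import struct

PAGE_SIZE = 4096
PTR_SIZE = 8
KERNEL_BASE = 0xFFFFFFFF81000000  # toy unrandomized link address (assumption)

def build_kernel_image(base, pages, seed=0):
    """Construct a toy kernel image of `pages` 4 KiB pages. The filler bytes
    are derived from `seed`, so every VM shares the same "binary"; even pages
    additionally hold absolute pointers relocated against `base`, which is
    what makes them differ between VMs once the base is randomized."""
    rng = random.Random(seed)
    image = bytearray()
    for p in range(pages):
        page = bytearray(rng.randbytes(PAGE_SIZE))  # identical across VMs
        if p % 2 == 0:  # pointer-bearing page (e.g. code with absolute refs)
            for i in range(4):
                off = i * (PAGE_SIZE // 4)
                target = base + rng.randrange(pages * PAGE_SIZE)
                page[off:off + PTR_SIZE] = struct.pack("<Q", target)
        image += page
    return bytes(image)

def dedup_pages(images):
    """Count pages the way a content-based deduplicator (e.g. KSM) does:
    two pages merge only when their bytes are byte-for-byte identical."""
    seen = set()
    total = 0
    for img in images:
        for off in range(0, len(img), PAGE_SIZE):
            seen.add(hashlib.sha256(img[off:off + PAGE_SIZE]).digest())
            total += 1
    return total, len(seen)

def simulate(n_vms, pages=64, randomize=False, seed=1):
    """Boot `n_vms` toy kernels, optionally with a random 2 MiB-aligned slide
    (a simplified KASLR, assumed here), and return
    (total_pages, unique_pages_after_dedup)."""
    rng = random.Random(seed)
    images = []
    for _ in range(n_vms):
        slide = rng.randrange(0, 1 << 30, 1 << 21) if randomize else 0
        images.append(build_kernel_image(KERNEL_BASE + slide, pages))
    return dedup_pages(images)

if __name__ == "__main__":
    for randomize in (False, True):
        total, unique = simulate(24, randomize=randomize)
        print(f"KASLR={randomize}: {total} pages -> {unique} unique "
              f"({unique * PAGE_SIZE // 1024} KiB resident)")
```

Without the slide all 24 copies collapse to a single kernel's worth of pages; with it, only the pointer-free pages still merge, and every distinct slide costs a full extra set of pointer-bearing pages.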
