Si Yu,Xiaolin Gui,Jiancai Lin,Feng Tian,Jianqiang Zhao,Min Dai

DOI: https://doi.org/10.1155/2014/805923

2014-01-01

The Scientific World JOURNAL

Abstract:Cloud computing gets increasing attention for its capacity to leverage developers from infrastructure management tasks. However, recent works reveal that side channel attacks can lead to privacy leakage in the cloud. Enhancing isolation between users is an effective solution to eliminate the attack. In this paper, to eliminate side channel attacks, we investigate the isolation enhancement scheme from the aspect of virtual machine (VM) management. The security-awareness VMs management scheme (SVMS), a VMs isolation enhancement scheme to defend against side channel attacks, is proposed. First, we use the aggressive conflict of interest relation (ACIR) and aggressive in ally with relation (AIAR) to describe user constraint relations. Second, based on the Chinese wall policy, we put forward four isolation rules. Third, the VMs placement and migration algorithms are designed to enforce VMs isolation between the conflict users. Finally, based on the normal distribution, we conduct a series of experiments to evaluate SVMS. The experimental results show that SVMS is efficient in guaranteeing isolation between VMs owned by conflict users, while the resource utilization rate decreases but not by much.

Ji-Ming Chen,Shi Chen,Xiang Wang,Lin,Li Wang

DOI: https://doi.org/10.1155/2021/2729949

IF: 1.968

2021-01-01

Security and Communication Networks

Abstract:With the rapid development of Internet of Things technology, a large amount of user information needs to be uploaded to the cloud server for computing and storage. Side-channel attacks steal the private information of other virtual machines by coresident virtual machines to bring huge security threats to edge computing. Virtual machine migration technology is currently the main way to defend against side-channel attacks. VM migration can effectively prevent attackers from realizing coresident virtual machines, thereby ensuring data security and privacy protection of edge computing based on the Internet of Things. This paper considers the relevance between application services and proposes a VM migration strategy based on service correlation. This strategy defines service relevance factors to quantify the degree of service relevance, build VM migration groups through service relevance factors, and effectively reduce communication overhead between servers during migration, design and implement the VM memory migration based on the post-copy method, effectively reduce the occurrence of page fault interruption, and improve the efficiency of VM migration.

Qiang Wu,Ran Wang,Xincheng Yan,Chunming Wu,Rongxing Lu

DOI: https://doi.org/10.1109/MWC.001.2100251

IF: 12.777

2022-01-01

IEEE Wireless Communications

Abstract:Opening-up sharing has prompted the multi-tenancy architecture, whereby different vendors (including outsourcees) work together with network operators to form a vibrant service ecosystem, resulting in several advantages as well as risks. In particular, the static nature of existing architectures in network functions virtualization-based (NFV-based) clouds facilitate hacking. Thus, much attention has been focused on determining how to avoid the uncontrollable cloud security induced by complex production relations and non-trustworthy software/hardware sources when the two sets of security risks intersect. In this article, we investigate latent persistent threats against cloud environments and determine a high degree of complementarity and consistency between the NFV-based cloud environment and the dynamic defense concept. More specifically, new NFV-based cloud features provide an effective implementation for dynamic defense, while the generalized robustness of dynamic defense theory allows for high security gains. Intrinsic cloud security (iCS) is then proposed to align NFV-based clouds, mimicking defense and the moving target defense (MTD) paradigm to implement a seamless integration and symbiosis evolution between security and NFV-based clouds. We quantify the impact on system overhead to account for efficiency and cost issues. The simulation analysis demonstrates that the enhanced mode is able to consistently obtain a more beneficial and stable defense compared with the counterparts.

Xin Liang,Xiaolin Gui,Jian An,Dewang Ren

DOI: https://doi.org/10.1109/pccc.2017.8280448

2017-01-01

Abstract:Security is one of the biggest concerns for the further adoption of Clouds. However, Cloud providers usually assign VMs leased by different customers upon the same physical server. Albeit maximizing resource efficiency, this cross-domain sharing poses a serious threat to customers' privacy concerns. A malicious VM could break or bypass the isolation mechanism and execute certain cross-VM attacks, such as side channel attacks or memory Dos attacks, etc. However, most of previous solutions are either attack-specific or unsuitable for immediate deployment, making the mitigation techniques for co-resident attacks still an important and worth-studying problem in cloud security. In this paper, we propose a novel grouping-based VM placement strategy to provide a secure optimization for existing VM placement policies. The theoretical analysis and simulation results show that our strategy decreases enormously the probability of co-residence while incurring only a slight loss on resource efficiency. The results also demonstrate that our strategy is significantly more effective in terms of both co-location resistance and resources efficiency, compared with the CLR policy.

Huaizhe Zhou,Haihe Ba,Yongjun Wang,Zhiying Wang,Jun Ma,Yunshi Li,Huidong Qiao

DOI: https://doi.org/10.3390/sym11020252

2019-01-01

Abstract:The dramatic proliferation of cloud computing makes it an attractive target for malicious attacks. Increasing solutions resort to virtual machine introspection (VMI) to deal with security issues in the cloud environment. However, the existing works are not feasible to support tenants to customize individual security services based on their security requirements flexibly. Additionally, adoption of VMI-based security solutions makes tenants at the risk of exposing sensitive information to attackers. To alleviate the security and privacy anxieties of tenants, we present SECLOUD, a framework for monitoring VMs in the cloud for security analysis in this paper. By extending VMI techniques, SECLOUD provides remote tenants or their authorized security service providers with flexible interfaces for monitoring runtime information of guest virtual machines (VMs) in a non-intrusive manner. The proposed framework enhances effectiveness of monitoring by taking advantages of architectural symmetry of cloud environment. Moreover, we harden our framework with a privacy-preserving capacity for tenants. The flexibility and effectiveness of SECLOUD is demonstrated through a prototype implementation based on Xen hypervisor, which results in acceptable performance overhead.

Yuchen Wong,Qingni Shen

DOI: https://doi.org/10.1109/bdcloud.2018.00095

2018-01-01

Abstract:With the fast development of cloud computing, cloud demand has exploded. In order to meet the primary performance needs of cloud users, cloud service providers need to carry out load balancing policy for virtual machines (VMs), which exacerbates the co -residence threats. In this paper, we try to solve the problem from the perspective of VM management, that is to say, we optimize the VM management policy to reduce the chances that ordinary VMs resident with the malicious VMs. In previous researches, the basic idea is to make the attack as difficult as possible during the placement, but there is little discussion about how to retrieve after the attacker successfully co -resident. Compared with them, for the first time we introduce the concept of Familiarity to mark cloud users and their VMs, and then design a secure VM placement algorithm and a secure load balancing algorithm. These algorithms not only make the co -residence difficult but can handle the security issue after it happens. After evaluation, our algorithms can well achieve the expectations.

Yaqiang Mao,Xujian Chen,Yuan Luo

DOI: https://doi.org/10.1049/cp.2014.1285

2014-01-01

Abstract:As a basic cloud service model, the Infrastructure-as-aService (IaaS) provides fundamental computing resources for PaaS and SaaS with a guaranteed ability to reduce costs and improve resource efficiency. Virtualization plays a crucial role to support the IaaS. However, it is not safety because of exposing the hosted virtual machines (VMs) to uncontrollable environment. In addition, traditional in-guest security solutions, relying on operation system kernel trustworthiness, are no longer effective to virtual infrastructure. In this paper, we introduce HVSM (Hybrid Virtualization Security Monitor) to deal with above security problems, which is a new In-OutVM hybrid virtualization-aware architecture depending on lightweight, comprehensive and dynamic security monitoring. First, as to Hybrid, HVSM utilizes virtual machine introspection technique to inspect kernel running state of the guest VM (GVM) from outside. Inside the GVM, measure agent (MA) tests and delivers processes' integrity information to security VM (SVM). In succession, MA is in the guard of measure agent keeper (MAK) running in the SVM. Second, dynamically, HVSM combines kernel state information with processes' integrity so as to provide a security report on GVM. Third, a proof-of-concept prototype is implemented using libvmi based on Xen hypervisor. Finally, we evaluate efficiency and the performance overhead of HVSM, which is acceptably low to support real-time monitoring.

Weichao Ding,Chunhua Gu,Fei Luo,Yaohui Chang,Ulysse Rugwiro,Xiaoke Li,Geng Wen

DOI: https://doi.org/10.1007/s12083-016-0502-z

IF: 3.488

2016-01-01

Peer-to-Peer Networking and Applications

Abstract:The problem of Virtual Machine (VM) placement is critical to the security and efficiency of the cloud infrastructure. Nowadays most research focuses on the influences caused by the deployed VM on the data center load, energy consumption, resource loss, etc. Few works consider the security and privacy issues of the tenant data on the VM. For instance, as the application of virtualization technology, the VM from different tenants may be placed on one physical host. Hence, attackers may steal secrets from other tenants by using the side-channel attack based on the shared physical resources, which will threat the data security of the tenants in the cloud computing. To address the above issues, this paper proposes an efficient and secure VM placement strategy. Firstly, we define the related security and efficiency indices in the cloud computing system. Then, we establish a multi-objective constraint optimization model for the VM placement considering the security and performance of the system, and find resolution towards this model based on the discrete firefly algorithm. The experimental results in OpenStack cloud platform indicates that the above strategy can effectively reduce the possibility of malicious tenants and targeted tenants on the same physical node, and reduce energy consumption and resource loss at the data center.

Kui Su,Lei Xu,Cong Chen,Wenzhi Chen,Zonghui Wang

DOI: https://doi.org/10.1109/isads.2015.42

2015-01-01

Abstract:Virtual machine placement (VMP) problem has been a key issue in IaaS/PaaS cloud infrastructures. Many recent works on VMP prove that inter-VM relations such as memory share, traffic dependency and resource competition should be seriously considered to save energy, increase the performance of infrastructure, reduce service level agreement violation rates and provide better administrative capabilities to the cloud provider. However, most existing works consider the inter-VM relations without taking the heterogeneity of cloud data centers into account. In practice, heterogeneous physical machines (PM) in a heterogeneous data center are often partitioned into logical groups for load balancing and specific services, cloud users always assigned their VMs with specific PM requirements, which make the inter-VM relations far more complex. In this paper, we propose an efficient solution for VMP with inter-VM relation constraints in a heterogeneous data center. The experimental results prove that our solution can efficiently solve the complex problem with an acceptable runtime.

Xueyuan Yin,Xingshu Chen,Lin Chen,Guolin Shao,Hui Li,Shusong Tao

DOI: https://doi.org/10.1109/access.2018.2837039

IF: 3.9

2018-01-01

IEEE Access

Abstract:With the rapid promotion and application of cloud computing technology in various fields, cloud computing security has become the focus of attention. To satisfy the virtual machine (VM) security requirements of communication access control, network anomaly detection, memory monitoring, and file antivirus in Infrastructure as a Service (IaaS) platform, a comprehensive protection framework with the capacity of defense-in-depth for tenant VMs was proposed in this paper, which employed three different layers to satisfy above security requirements of tenant business from the outside to the inside of the VM. At the first layer, a tenant domain model was abstracted and realized based on software defined networking (SDN), which was used to re-obtain the capacity for communication access control for VM traffic and ensure security isolation of different tenant business networks. Besides, to detect the network abnormality of tenant VMs, a traffic structure stability model was constructed according to the deviation degree between current and historical normal network traffic structure profile. At the second layer, the capacities of network access control and anomaly detection, the same as the capacities used in the first layer, which were provided based on VM granularity. At the third layer, to monitor the VM memory information, a VM security monitoring method with agentless based on online analysis of VM memory was proposed by employing physical memory analysis mechanism. Moreover, a file antivirus method named HyperAV for VM based on virtualization was given, which was constructed of a frontend and a rear end. HyperAV optimized the process of virus scanning by monitoring the sector change information of a running VM with low performance costs. The experimental results demonstrated the effectiveness and low performance costs of the proposed protection framework and the corresponding security mechanisms, respectively.

Chuliang Weng,Jianfeng Zhan,Yuan Luo

DOI: https://doi.org/10.1109/tc.2014.2322608

2015-01-01

Abstract:Virtualization plays a vital role in building the infrastructure of clouds, and isolation is considered as one of its important features. However, we demonstrate with practical measurements that there exist two kinds of isolation problems in current virtualized systems, due to cache interference in a multi-core processor. That is, one virtual machine could degrade the performance or obtain the load information of another virtual machine, which running on a same physical machine. Then we present a time-sensitive contention management approach (TSAC) for allocating resources dynamically in the virtual machine monitor, in which virtual machines are controlled to share some physical resources (e.g., CPU or page color) in a dynamical manner, in order to enforce isolation between the virtual machines without sacrificing performance of the virtualized system. We have implemented a working prototype based on Xen, evaluated the implemented prototype with experiments, and experimental results show that TSAC could significantly improve isolation of virtualization. Specifically, compared to the default Xen, TSAC could improve the performance of the victim virtual machine by up to about 78 percent, and perform well in blocking its cache-based load information leakage.

Min Li,Yulong Zhang,Kun Bai,Wanyu Zang,Meng Yu,Xubin He

DOI: https://doi.org/10.5220/0004076003210326

2012-01-01

Abstract:Cloud computing is becoming more and more popular in computing infrastructure and it also introduces new security problems. For example, a physical server shared by many virtual machines can be taken over by an attacker if the virtual machine monitor is compromised through one of the virtual machines. Thus, collocating with vulnerable virtual machines, or “bad neighbours”, on the same physical server introduces additional security risks. Moreover, the connections between virtual machines, such as the network connection between a web server and its back end database server, are natural paths of attacks. Therefore, both virtual machine placement and connections among virtual machines in the cloud have great impact over the overall security of cloud. In this paper, we quantify the security risks of cloud environments based on virtual machine vulnerabilities and placement schemes. Based on our security evaluation, we develop techniques to generate virtual machine placement that can minimize the security risks considering the connections among virtual machines. According to the experimental results, our approach can greatly improve the survivability of most virtual machines and the whole cloud. The computing costs and deployment costs of our techniques are also practical.

Lu Cao,Ruiwen Li,Xiaojun Ruan,Yuhong Liu

DOI: https://doi.org/10.48550/arXiv.2203.10734

2022-03-21

Abstract:Resource sharing among users serves as the foundation of cloud computing, which, however, may also cause vulnerabilities to diverse co-residence attacks launched by malicious virtual machines (VM) residing in the same physical server with the victim VMs. In this paper, we aim to defend against such co-residence attacks through a secure, workload-balanced, and energy-efficient VM allocation strategy. Specifically, we model the problem as an optimization problem by quantifying and minimizing three key factors: (1) the security risks, (2) the power consumption and (3) the unbalanced workloads among different physical servers. Furthermore, this work considers a realistic environmental setting by assuming a random number of VMs from different users arriving at random timings, which requires the optimization solution to be continuously evolving. As the optimization problem is NP-hard, we propose to first cluster VMs in time windows, and further adopt the Ant Colony Optimization (ACO) algorithm to identify the optimal allocation strategy for each time window. Comprehensive experimental results based on real world cloud traces validates the effectiveness of the proposed scheme.

Distributed, Parallel, and Cluster Computing

Pengfei Sun,Qingni Shen,Liang Gu,Yangwei Li

DOI: https://doi.org/10.1109/anthology.2013.6784967

2013-01-01

Abstract:Virtualization technologies enable multi-tenancy cloud business models by providing a scalable, shared resource platform for all tenants. Computing capacity, storage, and network are shared between multi-tenants. However, placing different customers' workloads on the same virtualization platform may lead to security vulnerabilities, which include the failure of mechanisms separating storage, memory, routing, and even reputation between different tenants of the shared infrastructure. The co-location of many customers inevitably causes conflict for the cloud provider as customers' communication security requirements are likely to be divergent from each other. In this paper, we introduce Multi-lateral Security concept to multi-tenancy cloud platform. It is difficult to analyze policies defined by consumers in the same virtualization platform in order to guarantee configuration stability given that policies may have conflicts leading to unpredictable effects. We present the Multilateral Security Architecture for Virtualization platform (VPMS) which enables the multilateral security for consumers.

Yuqin Qiu,Qingni Shen,Yang Luo,Cong Li,Zhonghai Wu

DOI: https://doi.org/10.1109/Trustcom/BigDataSE/ICESS.2017.257

2017-01-01

Abstract:Due to sharing physical resource, the co-residency of virtual machine (VM) in cloud is inevitable, which brings many security threats, such as side channel attacks and covert channel threats. Most of previous work focused on detecting and resisting a bewildering variety of co-resident attacks. Generally, improving the VM deployment strategy can also mitigate the security threats of co-resident attacks effectively by reducing the probability of VM co-residency. In this paper, we propose a co-residency-resistant VM deployment strategy and define four thresholds to adjust the strategy for security and load balancing. Moreover, two metrics(VM co-residency probability and user co-residency coverage probability) are introduced to evaluate the deployment strategy. Finally, we implement the strategy and run experiments on both OpenStack and CloudSim. The results show that our strategy can reduce VM co-residency by 50% to 66.7% and user co-residency by 50% to 66% compared with the existing strategies.

Huaizhe Zhou,Haihe Ba,Jiangchun Ren,Yongjun Wang,Zhiying Wang,Yunshi Li

DOI: https://doi.org/10.1007/978-3-319-72389-1_41

2017-01-01

Abstract:Security and privacy concern is still one of the major issues that prevent users from moving to public clouds. Introduction of security services based on virtual machine introspection into cloud does not relieve this situation, because these services are inflexible and untrusted by tenants. The root cause of the problem is that the cloud administrator has more privilege over the security services, which leaves no options for the tenants to protect their virtual machines. In this paper, we propose a technique to decouple security services from cloud platform via remote virtual machine introspection. It enables remote trusted managed security services to protect tenants’ virtual machines stealthily. We have implemented a proof-of-concept prototype with Xen hypervisor, called SE-Cloud. With the separation of introspection and security-business code, the security services can not be abused by administrators and have little impact on the management virtual machine. Our preliminary experimental results show that SE-Cloud can provide more robust and flexible protections for tenant virtual machines with acceptable overhead.

Venkatanathan Varadarajan,Yinqian Zhang,Thomas Ristenpart,Michael Swift

DOI: https://doi.org/10.48550/arXiv.1507.03114

2015-07-11

Abstract:Public infrastructure-as-a-service clouds, such as Amazon EC2, Google Compute Engine (GCE) and Microsoft Azure allow clients to run virtual machines (VMs) on shared physical infrastructure. This practice of multi-tenancy brings economies of scale, but also introduces the risk of sharing a physical server with an arbitrary and potentially malicious VM. Past works have demonstrated how to place a VM alongside a target victim (co-location) in early-generation clouds and how to extract secret information via side- channels. Although there have been numerous works on side-channel attacks, there have been no studies on placement vulnerabilities in public clouds since the adoption of stronger isolation technologies such as Virtual Private Clouds (VPCs). We investigate this problem of placement vulnerabilities and quantitatively evaluate three popular public clouds for their susceptibility to co-location attacks. We find that adoption of new technologies (e.g., VPC) makes many prior attacks, such as cloud cartography, ineffective. We find new ways to reliably test for co-location across Amazon EC2, Google GCE, and Microsoft Azure. We also found ways to detect co-location with victim web servers in a multi-tiered cloud application located behind a load balancer. We use our new co-residence tests and multiple customer accounts to launch VM instances under different strategies that seek to maximize the likelihood of co-residency. We find that it is much easier (10x higher success rate) and cheaper (up to $114 less) to achieve co-location in these three clouds when compared to a secure reference placement policy.

Cryptography and Security

Gregory Levitin,Liudong Xing,Yuanshun Dai

DOI: https://doi.org/10.1016/j.ejor.2017.11.064

IF: 6.4

2017-01-01

European Journal of Operational Research

Abstract:The virtualization technology, particularly virtual machines (VMs) used in cloud computing systems have raised unique security and survivability risks for cloud users. This paper focuses on one of such risks, co-residence attacks where a user's information in one VM can be accessed (stolen) or corrupted through side channels by a malicious attacker's VM co-residing on the same server. We model and optimize users' data protection policy in which sensitive data are partitioned into several blocks to enhance data security and multiple replicas are further created for each block to provide data survivability in a cloud environment subject to the co-residence attacks. Both users' and attackers' VMs are distributed among cloud servers at random. Probabilistic models are first suggested to derive the overall probabilities of an attacker's success in data theft and data corruption. Based on the suggested probabilistic evaluation models, optimization problems of obtaining the data partition/replication policy to balance data security, data survivability and a user's overheads are formulated and solved. The possible user's uncertainty about the number of attacker's VMs is taken into account. Numerical examples demonstrating influence of different constraints on the optimal policy are presented. (C) 2017 Elsevier B.V. All rights reserved.

Bernard Ousmane Sane,Mandicou Ba,Doudou Fall,Yuzo Taenaka,Ibrahima Niang,Youki Kadobayashi

DOI: https://doi.org/10.1109/access.2024.3404949

IF: 3.9

2024-05-31

IEEE Access

Abstract:Cloud computing has completely changed IT (information technology) by providing IT resources as services on the internet. However, certain types of attacks, such as interdependency attacks, impede its wide adoption. With the latter, an attacker who succeeds in compromising the VM of a user can traverse the hypervisor to launch an attack on the VM(s) of other users on the same hypervisor. Unfortunately, we note a lack of secure and performant allocation policies against this problem. Existing policies focus on security but ignore other factors, including workload balance and energy consumption, which are vital for commercial cloud platforms. In this context, we propose different allocation policies for choosing the datacenter server to which we allocate a new virtual machine. These policies aim to minimize the interdependence of different users' VMs while keeping the system performant regarding workload balance and/or power consumption. By default, our allocation policies treat all legitimate users as attackers and host their virtual machines according to their efficiency and coverage. We first design a secure and balanced solution that increases workload balance to prevent the servers from being overused. Afterward, we propose an algorithm that addresses security, power consumption, and workload balance objectives simultaneously. Based on our simulation results, our solutions perform better than existing algorithms regarding security, workload balance, and power consumption. The balanced solution reduces the chance of an attacker to zero and increases workload balance linearly. In other words, the workload balance is between , and it utilizes slightly more hosts than existing proposals, with gains between . Although our final proposal is less secure than previous algorithms, it performs better, so it has a good workload balance ( ) and consumes less energy.

computer science, information systems,telecommunications,engineering, electrical & electronic

Tianni Xu,Xiufeng Sui,Zhicheng Yao,Jiuyue Ma,Yungang Bao,Lixin Zhang

DOI: https://doi.org/10.1109/HPCC.and.EUC.2013.36

2013-01-01

Abstract:Data centers are increasingly employing virtualization as a means to ensure the performance isolation for latency-sensitive applications while allowing co-locations of multiple applications. Previous research has shown that virtualization could offer excellent resource isolation. However, whether virtualization can mitigate the interference among micro-architectural resources has not been well studied. This paper presents an in-depth analysis of the performance isolation effect of virtualization technology on various micro-architectural resources (i.e., L1 D-Cache, L2 Cache, last level cache (LLC), hardware prefetchers and Non-Uniform Memory Access) by mapping the CloudSuite benchmarks to different sockets, different cores of one chip, and different threads of one core. For each resource, we investigate the correlation between performance variations and contention by changing VM mapping policies according to different application characteristics. Our experiments show that virtualization has rather limited micro-architectural isolation effects. Specifically, LLC interference can degrade applications performance by as much as 28%. When it comes to intra-core resources, the applications performance degradation can be as much as 27%. Additionally, we outline several opportunities to improve performance by reducing misbehavior VM interference.