Prevention of VM Timing side-channel attack in a cloud environment using randomized timing approach in AES – 128

International Journal of Experimental Research and Review Pub Date : 2023-07-30 DOI:10.52756/10.52756/ijerr.2023.v31spl.013

Animesh Kumar, S. Dutta, Prashant Pranav

{"title":"Prevention of VM Timing side-channel attack in a cloud environment using randomized timing approach in AES – 128","authors":"Animesh Kumar, S. Dutta, Prashant Pranav","doi":"10.52756/10.52756/ijerr.2023.v31spl.013","DOIUrl":null,"url":null,"abstract":"The term \"cloud computing\" refers to the delivery of various computer services to users via the Internet. These services include servers, storage, databases, networking, software, and analytics. The ability for businesses to swiftly and easily access computing resources as needed is one of the primary benefits of cloud computing, along with scalability, flexibility, and cost savings. To protect themselves from data breaches, distributed denial of service attacks, and insider threats, cloud providers and consumers alike need to deploy adequate security measures. Shared resources and timing inconsistencies within the hypervisor can make it possible for attackers to deduce sensitive information from other Virtual Machines (VMs). In this research, a software-based solution to the problem of VM timing side-channel assaults (SCAs) in CC (Cloud Computing) is proposed. Following an analysis of the process's empirical complexity, the solution uses a randomized timing method, which is compatible with all of the AES–128 sub-steps.","PeriodicalId":190842,"journal":{"name":"International Journal of Experimental Research and Review","volume":"24 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-07-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Experimental Research and Review","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.52756/10.52756/ijerr.2023.v31spl.013","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

The term "cloud computing" refers to the delivery of various computer services to users via the Internet. These services include servers, storage, databases, networking, software, and analytics. The ability for businesses to swiftly and easily access computing resources as needed is one of the primary benefits of cloud computing, along with scalability, flexibility, and cost savings. To protect themselves from data breaches, distributed denial of service attacks, and insider threats, cloud providers and consumers alike need to deploy adequate security measures. Shared resources and timing inconsistencies within the hypervisor can make it possible for attackers to deduce sensitive information from other Virtual Machines (VMs). In this research, a software-based solution to the problem of VM timing side-channel assaults (SCAs) in CC (Cloud Computing) is proposed. Following an analysis of the process's empirical complexity, the solution uses a randomized timing method, which is compatible with all of the AES–128 sub-steps.

查看原文本刊更多论文

使用AES - 128随机定时方法防止云环境下VM定时侧信道攻击

“云计算”一词指的是通过互联网向用户提供各种计算机服务。这些服务包括服务器、存储、数据库、网络、软件和分析。企业可以根据需要快速、轻松地访问计算资源，这是云计算的主要优势之一，此外还有可伸缩性、灵活性和成本节约。为了保护自己免受数据泄露、分布式拒绝服务攻击和内部威胁，云提供商和消费者都需要部署足够的安全措施。管理程序中的共享资源和时间不一致可能使攻击者从其他虚拟机(vm)推断出敏感信息。在本研究中，提出了一种基于软件的解决方案来解决CC(云计算)中VM定时侧信道攻击(SCAs)问题。在分析了过程的经验复杂性之后，该解决方案使用随机计时方法，该方法与所有AES-128子步骤兼容。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

International Journal of Experimental Research and Review

自引率

0.00%

发文量