Mehmet Sinan Inci, Gorka Irazoqui Apecechea, T. Eisenbarth, B. Sunar
{"title":"使用Microsoft Azure上的逻辑通道进行高效、对抗性的邻居发现","authors":"Mehmet Sinan Inci, Gorka Irazoqui Apecechea, T. Eisenbarth, B. Sunar","doi":"10.1145/2991079.2991113","DOIUrl":null,"url":null,"abstract":"We introduce an effective technique that exploits logical channels for malicious co-location and target identification on Microsoft Azure cloud instances. Specifically, we employ-two co-location scenarios: targeted co-location with a specific victim or co-location with subsequent identification of victims of interest. We develop a novel, noise-resistant co-location detection method through the network channel that provides fast, reliable results with no cooperation from the victim. Also, our method does not require access to the victim instance neither as a legitimate user nor a malicious attacker. The efficacy of the proposed technique enables practical QoS degradation attacks which are easy and cheap to implement yet hard to discover. The slightest performance degradation in web interfaces or time critical applications can result in significant financial losses. To this end, we show that once co-located, a malicious instance can use memory bus locking to render the victim server unusable to the customers. This work underlines the need for cloud service providers to apply stronger isolation techniques.","PeriodicalId":419419,"journal":{"name":"Proceedings of the 32nd Annual Conference on Computer Security Applications","volume":"12 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-12-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":"{\"title\":\"Efficient, adversarial neighbor discovery using logical channels on Microsoft Azure\",\"authors\":\"Mehmet Sinan Inci, Gorka Irazoqui Apecechea, T. Eisenbarth, B. Sunar\",\"doi\":\"10.1145/2991079.2991113\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We introduce an effective technique that exploits logical channels for malicious co-location and target identification on Microsoft Azure cloud instances. Specifically, we employ-two co-location scenarios: targeted co-location with a specific victim or co-location with subsequent identification of victims of interest. We develop a novel, noise-resistant co-location detection method through the network channel that provides fast, reliable results with no cooperation from the victim. Also, our method does not require access to the victim instance neither as a legitimate user nor a malicious attacker. The efficacy of the proposed technique enables practical QoS degradation attacks which are easy and cheap to implement yet hard to discover. The slightest performance degradation in web interfaces or time critical applications can result in significant financial losses. To this end, we show that once co-located, a malicious instance can use memory bus locking to render the victim server unusable to the customers. This work underlines the need for cloud service providers to apply stronger isolation techniques.\",\"PeriodicalId\":419419,\"journal\":{\"name\":\"Proceedings of the 32nd Annual Conference on Computer Security Applications\",\"volume\":\"12 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-12-05\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"9\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 32nd Annual Conference on Computer Security Applications\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2991079.2991113\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 32nd Annual Conference on Computer Security Applications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2991079.2991113","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Efficient, adversarial neighbor discovery using logical channels on Microsoft Azure
We introduce an effective technique that exploits logical channels for malicious co-location and target identification on Microsoft Azure cloud instances. Specifically, we employ-two co-location scenarios: targeted co-location with a specific victim or co-location with subsequent identification of victims of interest. We develop a novel, noise-resistant co-location detection method through the network channel that provides fast, reliable results with no cooperation from the victim. Also, our method does not require access to the victim instance neither as a legitimate user nor a malicious attacker. The efficacy of the proposed technique enables practical QoS degradation attacks which are easy and cheap to implement yet hard to discover. The slightest performance degradation in web interfaces or time critical applications can result in significant financial losses. To this end, we show that once co-located, a malicious instance can use memory bus locking to render the victim server unusable to the customers. This work underlines the need for cloud service providers to apply stronger isolation techniques.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
