A proposed covert channel based on memory reclamation

dc.Affiliation: October University for Modern Sciences and Arts (MSA)
dc.contributor.author: Hussein, Omar
dc.contributor.author: Hamza, Nermin
dc.contributor.author: Hefny, Hesham
dc.date.accessioned: 2020-02-13T10:34:00Z
dc.date.available: 2020-02-13T10:34:00Z
dc.date.issued: 2015
dc.description: MSA Google Scholar
dc.description.abstract: This paper proposes a covert channel that is specific to virtual machine monitors (VMMs); it is called VMM memory reclamation-based covert storage channel. The paper describes a prospective information leakage attack that can be launched on security-critical processes running in a targeted virtual machine (VM) using the discovered covert channel. This attack exploits a widely adopted VM dynamic memory allocation mechanism called ballooning to breach inter-VM isolation. It involves two cooperating malicious processes: the sender process and the receiver process executing in two VMs: the target VM and the attacking VM respectively. Both VMs run concurrently on top of the same bare-metal VMM. Both malicious processes have access to the dynamically-allocated shared physical memory that is managed by the VMM, and multiplexed between both VMs. The malicious processes exploit the shared memory as a communication medium to leak confidential data. Through VMM memory reclamation-based covert storage channel, the sender process and the receiver process cooperate to force the VMM to reclaim memory pages from the target VM and allocate them to the attacking VM as extra memory space, thereby leaking information from the sender process to the receiver process.
dc.description.sponsorship: IEEE
dc.description.uri: https://www.scimagojr.com/journalsearch.php?q=21100463145&tip=sid&clean=0
dc.identifier.doi: https://doi.org/10.1109/IntelCIS.2015.7397244
dc.identifier.isbn: 978-1-5090-1949-6
dc.identifier.other: https://doi.org/10.1109/IntelCIS.2015.7397244
dc.identifier.uri: https://t.ly/g7202
dc.language.iso: en
dc.publisher: IEEE
dc.relation.ispartofseries: Intelligent Computing and Information Systems (ICICIS), 2015 IEEE Seventh International Conference on; Pages: 343-347
dc.subject: October University for University of Hardware, Internet, Read only memory
dc.title: A proposed covert channel based on memory reclamation
dc.type: Book chapter
