Towards a Framework for Assessing the Feasibility of Side-channel Attacks in Virtualized Environments

Tsvetoslava Vateva-Gurova, Jesus Luna, Giancarlo Pellegrino, Neeraj Suri

2014

Abstract

Physically co-located virtual machines should be securely isolated from one another, as well as from the underlying layers in a virtualized environment. In particular, the virtualized environment is supposed to guarantee that an adversary cannot attack a virtual machine, e.g., by exploiting a side-channel stemming from the usage of shared physical or software resources. However, this is often not the case, and the lack of sufficient logical isolation is considered a key concern in virtualized environments. In the academic world, this view has been reinforced in recent years by the demonstration of sophisticated side-channel attacks (SCAs). In this paper we argue that the feasibility of executing an SCA strongly depends on the actual context of the execution environment. To reflect on these observations, we propose a feasibility assessment framework for SCAs using cache-based systems as an example scenario. As a proof of concept, we show that the feasibility of cache-based side-channel attacks can be assessed following the proposed approach.

Paper Citation


in Harvard Style

Vateva-Gurova T., Luna J., Pellegrino G. and Suri N. (2014). Towards a Framework for Assessing the Feasibility of Side-channel Attacks in Virtualized Environments. In Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014) ISBN 978-989-758-045-1, pages 113-124. DOI: 10.5220/0005052101130124

in Bibtex Style

@conference{secrypt14,
author={Tsvetoslava Vateva-Gurova and Jesus Luna and Giancarlo Pellegrino and Neeraj Suri},
title={Towards a Framework for Assessing the Feasibility of Side-channel Attacks in Virtualized Environments},
booktitle={Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)},
year={2014},
pages={113-124},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005052101130124},
isbn={978-989-758-045-1},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)
TI - Towards a Framework for Assessing the Feasibility of Side-channel Attacks in Virtualized Environments
SN - 978-989-758-045-1
AU - Vateva-Gurova T.
AU - Luna J.
AU - Pellegrino G.
AU - Suri N.
PY - 2014
SP - 113
EP - 124
DO - 10.5220/0005052101130124