DOI: 10.1145/2046660.2046671
Research article
Eliminating fine grained timers in Xen

Published: 21 October 2011

Abstract

The move to "infrastructure-as-a-service" cloud computing brings with it a new risk: cross-virtual machine side channels through shared physical resources such as the L2 cache. One approach to this risk is to rewrite sensitive code to eliminate the signal. In this paper we consider another approach: weakening malicious virtual machines' ability to receive the signal by eliminating fine-grained timers. Such "fuzzy time" was implemented in 1991 in the VAX security kernel, but it was not clearly applicable to modern virtual machine managers such as Xen on platforms such as the x86, which exports a cycle counter through the RDTSC instruction.
In this paper, we demonstrate that it is possible to modify the RDTSC instruction on Xen-virtualized x86 machines, making the timer provided by this instruction substantially more coarse. We perform a thorough evaluation of the impact of modifying this timer on the usability of the system, and we evaluate the limiting point of the timer coarseness.
Our findings open the way to a specific research program for mitigating cloud computing side channels through fuzzy time: (1) What other sources of fine-grained time are available to a malicious VM, and is it possible to degrade them? (2) What distribution of noise should be introduced to RDTSC and other timing signals to maximize the effect on malicious VMs while minimizing the effect on legitimate ones? (3) What timing resolution is actually needed to make use of L2 cache side channels?
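The abstract describes coarsening the RDTSC timer so that a guest's readings carry less information about short events. The following constructed Python simulation (added here; it is not the paper's Xen implementation) models such a fuzzy counter and sweeps the granularity at which a single reading stops separating a short event from a long one, which is the "limiting point of the timer coarseness" question the abstract raises. The tick-spacing distribution, the 40- and 300-cycle event durations and all function names are assumptions.

```python
"""Constructed simulation of a coarse ("fuzzy") RDTSC; not the paper's Xen code."""
import random
from bisect import bisect_right

# Assumed model (not taken from the paper): the counter a guest reads is frozen
# between ticks, and tick spacing is drawn uniformly from [g/2, 3g/2] cycles for
# granularity g, so readings are coarse, jittered and never go backwards.

def make_tick_schedule(granularity, horizon, rng):
    """Sorted true-cycle values at which the fuzzy counter is allowed to update."""
    lo = max(granularity // 2, 1)
    hi = max(granularity + granularity // 2, 1)
    ticks = [0]
    while ticks[-1] < horizon:
        ticks.append(ticks[-1] + rng.randint(lo, hi))
    return ticks

def fuzzy_rdtsc(ticks, true_cycles):
    """Value the guest sees: the last tick boundary at or before the true time."""
    return ticks[bisect_right(ticks, true_cycles) - 1]

def measured_interval(ticks, start, duration):
    """Elapsed cycles as a guest computes them from two fuzzy reads."""
    return fuzzy_rdtsc(ticks, start + duration) - fuzzy_rdtsc(ticks, start)

def single_sample_accuracy(fast, slow, granularity, trials=2000, seed=1):
    """Fraction of single readings that correctly label a `fast` event versus a
    `slow` one with the midpoint threshold: 1.0 means the timer still leaks the
    difference, 0.5 means one reading carries no information about it."""
    rng = random.Random(seed)
    horizon = 256 * max(granularity, slow)
    ticks = make_tick_schedule(granularity, horizon, rng)
    threshold = (fast + slow) / 2
    correct = 0
    for _ in range(trials):
        if measured_interval(ticks, rng.randrange(horizon - slow), fast) < threshold:
            correct += 1
        if measured_interval(ticks, rng.randrange(horizon - slow), slow) >= threshold:
            correct += 1
    return correct / (2 * trials)

def coarseness_sweep(fast=40, slow=300, granularities=(1, 100, 1000, 10000)):
    """Accuracy per timer granularity (cycles); the defaults are constructed
    durations for a short and a long event. Where accuracy collapses toward 0.5
    is the coarseness at which the mitigation defeats single-shot measurement."""
    return {g: single_sample_accuracy(fast, slow, g) for g in granularities}
```

Calling `coarseness_sweep()` returns a mapping from granularity to accuracy; with the defaults an exact counter scores 1.0 while a 10000-cycle granularity leaves a single reading near chance.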


Published In

CCSW '11: Proceedings of the 3rd ACM workshop on Cloud computing security workshop
October 2011, 138 pages
ISBN: 9781450310048
DOI: 10.1145/2046660
Publisher

Association for Computing Machinery, New York, NY, United States

Author Tags

  1. RDTSC
  2. Xen
  3. cloud computing
  4. side channels

Conference

CCS'11

Acceptance Rates

Overall Acceptance Rate: 37 of 108 submissions, 34%

Cited By

  • (2024) An Improved Co-Resident Attack Defense Strategy Based on Multi-Level Tenant Classification in Public Cloud Platforms. Electronics 13(16):3273. DOI: 10.3390/electronics13163273. Online publication date: 18-Aug-2024
  • (2024) Simulating the Network Environment of Sandboxes to Hide Virtual Machine Introspection Pauses. Proceedings of the 17th European Workshop on Systems Security, pages 1-7. DOI: 10.1145/3642974.3652280. Online publication date: 22-Apr-2024
  • (2024) TF-Timer: Mitigating Cache Side-Channel Attacks in Cloud through a Targeted Fuzzy Timer. 2024 IEEE Wireless Communications and Networking Conference (WCNC), pages 1-6. DOI: 10.1109/WCNC57260.2024.10571330. Online publication date: 21-Apr-2024
  • (2024) ZeroShield: Transparently Mitigating Code Page Sharing Attacks With Zero-Cost Stand-By. IEEE Transactions on Information Forensics and Security 19:7389-7403. DOI: 10.1109/TIFS.2024.3435062. Online publication date: 2024
  • (2024) SegScope: Probing Fine-grained Interrupts via Architectural Footprints. 2024 IEEE International Symposium on High-Performance Computer Architecture (HPCA), pages 424-438. DOI: 10.1109/HPCA57654.2024.00039. Online publication date: 2-Mar-2024
  • (2024) Time Is Money, Friend! Timing Side-Channel Attack Against Garbled Circuit Constructions. Applied Cryptography and Network Security, pages 325-354. DOI: 10.1007/978-3-031-54776-8_13. Online publication date: 29-Feb-2024
  • (2023) The gates of time. Proceedings of the 32nd USENIX Conference on Security Symposium, pages 1955-1972. DOI: 10.5555/3620237.3620347. Online publication date: 9-Aug-2023
  • (2023) Agent-Based Virtual Machine Migration for Load Balancing and Co-Resident Attack in Cloud Computing. Applied Sciences 13(6):3703. DOI: 10.3390/app13063703. Online publication date: 14-Mar-2023
  • (2023) Metior: A Comprehensive Model to Evaluate Obfuscating Side-Channel Defense Schemes. Proceedings of the 50th Annual International Symposium on Computer Architecture, pages 1-16. DOI: 10.1145/3579371.3589073. Online publication date: 17-Jun-2023
  • (2023) Hacky Racers: Exploiting Instruction-Level Parallelism to Generate Stealthy Fine-Grained Timers. Proceedings of the 28th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 2, pages 354-369. DOI: 10.1145/3575693.3575700. Online publication date: 27-Jan-2023