Honolulu, HI, USA USA
June 24, 2012 to June 29, 2012
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/CLOUD.2012.28
Cloud computing security has become the focus in information security, where much attention has been drawn to the user privacy leakage. Although isolation and some other security policies have been provided to protect the security of cloud computing, confidential information can be still stolen by timing channels without being detected. In this paper, a new method named XenPump is presented aiming to mitigate the threat of the timing channels by adding latency. XenPump is designed as a module located in hypervisor, monitoring the hypercalls used by the timing channels and adding latencies to lower the threat into an acceptable level. The prototype of XenPump has been implemented in Xen virtualization platform, and the performance is evaluated by the shared memory based timing channel. The experiment results show that XenPump can mitigate the threat of the timing channel by interrupting both the capacity and transmission accuracy. It is believed that after small extension, XenPump can mitigate the incoming timing channels.
Timing, Virtual machine monitors, Cloud computing, Receivers, Security, Monitoring, Accuracy, information flow, Timing channel, cloud computing, mitigation, Xen, virtualization
Jingzheng Wu, Liping Ding, Yuqi Lin, Nasro Min-Allah, Yongji Wang, "XenPump: A New Method to Mitigate Timing Channel in Cloud Computing", CLOUD, 2012, 2013 IEEE Sixth International Conference on Cloud Computing, 2013 IEEE Sixth International Conference on Cloud Computing 2012, pp. 678-685, doi:10.1109/CLOUD.2012.28