Jan. 28, 2013 to Jan. 30, 2013
Si Yu , Shaanxi Province Key Lab. of Comput. Network, Xi'an Jiaotong Univ., Xi'an, China
Xiaolin Gui , Shaanxi Province Key Lab. of Comput. Network, Xi'an Jiaotong Univ., Xi'an, China
Jiancai Lin , Shaanxi Province Key Lab. of Comput. Network, Xi'an Jiaotong Univ., Xi'an, China
Side channel attacks, which intend to analyze third party sharing resources responses, has become a significant security threat to cloud, in particular the cache-based side channel attacks. In this paper, to eliminate such a security threat in cloud, based on the observation that the creation of a side channel has certain effects on the resource utilization in both the host and guest, we investigate the detection approach for detecting cache-based side channel attacks, named CSDA. The approach uses the two-stage detection mode which consists of host detection and guest detection, combines shape test and regularity test to extract the attack features from hosts and guests, and uses pattern recognition techniques to distinguish the attack VMs from the legitimate VMs. At last, a series of experiments are conducted, and the experimental results show that CSDA is capable of detecting them in cloud effectively.
Feature extraction, Standards, Timing, Synthetic aperture sonar, Security, Shape, Cloud computing,attack detection, cloud computing, virtualization security, cache-based side channel attacks
Si Yu, Xiaolin Gui, Jiancai Lin, "An approach with two-stage mode to detect cache-based side channel attacks", ICOIN, 2013, The International Conference on Information Networking 2014 (ICOIN2014), The International Conference on Information Networking 2014 (ICOIN2014) 2013, pp. 186-191, doi:10.1109/ICOIN.2013.6496374