The Research Of Cross-VM Covert Channel Attacks Based On Shared Memory And Balloon Driver In IaaS Cloud

Posted on: 2017-03-24
Degree: Master
Type: Thesis
Country: China
Candidate: Z Q Wang
GTID: 2308330485958789
Subject: Software engineering
Abstract/Summary:
With the development of information technology, computers and computer science play an increasingly important role in everyday social life. The maturity of computer hardware technology has not only brought widespread use of low-cost, high-performance computers, but has also promoted the development of computer software and computer technology, including the Cloud. Cloud providers usually use virtualization to maximize the utilization of their computing resources, e.g. many virtual machines (VMs) run on a shared physical infrastructure. However, co-residency with other VMs brings high security risks, such as covert channel attacks. This kind of attack uses common physical resources to transmit information and hides the act of transmission itself, so it is difficult to detect and prevent. Recent research has shown that attackers can build cross-VM covert channels to obtain sensitive information. However, due to the characteristics of the shared resources involved (e.g. the CPU cache), the sensitive information obtained is usually limited and coarse-grained. In this thesis, we present and simulate a novel covert channel, which is based on shared physical memory and exploits the vulnerabilities of the balloon driver. As a result, its success rate is higher, the quantity of data it transmits is larger, and the harm is more serious.
For VMs in the Cloud, memory sharing has become a necessary means of obtaining high-performance, configurable resources. The shared-memory-based attack likewise uses shared memory as the medium for information transmission. The memory of co-resident VMs on the same physical infrastructure is usually controlled by the VMM. In other words, memory can flow between VMs with the help of the VMM. It is this fluidity, together with the help of balloon drivers, that makes the novel covert channel attack possible. Compared with current cross-VM covert channels, it can transmit more fine-grained data.
We use Xen as a testbed to demonstrate the attack, and conduct experiments on three possible factors to evaluate the performance of our shared-memory-based cross-VM covert channel attack. At the end of the paper, we also present some countermeasures to prevent the attack.
Keywords/Search Tags: Covert Channel Attack, Cloud Computing, Infrastructure-as-a-Service (IaaS), Cloud Security