RESEARCH PRODUCT

On Detection of Network-Based Co-residence Verification Attacks in SDN-Driven Clouds

Timo Hämäläinen, Mikhail Zolotukhin, Elena Ivannikova

subject

021110 strategic defence & security studies; business.industry; Computer science; Visibility (geometry); 0211 other engineering and technologies; Botnet; Cloud computing; cloud environments; 02 engineering and technology; computer.software_genre; cloud services; Information sensitivity; Mode (computer interface); Virtual machine; 0202 electrical engineering electronic engineering information engineering; 020201 artificial intelligence & image processing; State (computer science); co-residence detection; information security; virtual networks; business; Virtual network; computer; Computer network

description

Modern cloud environments allow users to consume computational and storage resources in the form of virtual machines. Even though machines running on the same cloud server are logically isolated from each other, a malicious customer can create various side channels to obtain sensitive information from co-located machines. In this study, we concentrate on timely detection of intentional co-residence attempts in cloud environments that utilize software-defined networking. SDN enables global visibility of the network state, which allows the cloud provider to monitor and extract necessary information from each flow in every virtual network in online mode. We analyze the extracted statistics on different levels in order to find anomalous patterns. The detection results obtained show us that the co-residence verification attack can be detected with the methods that are usually employed for botnet analysis.

Peer reviewed.

https://doi.org/10.1007/978-3-319-67380-6_22