ConfMVM: a hardware-assisted model to confine malicious VMs

Zirak Allaf, Mo Adda, Alexander Gegov

Research output: Chapter in Book/Report/Conference proceedingConference contribution

201 Downloads (Pure)

Abstract

Vulnerabilities in both hardware and software have exposed them to the lack of managing programs securely in the computational environment, giving hackers the means to conduct side channel attacks with intention to steal sensitive information, including secret encryption keys. Current techniques enable attackers to exploit vulnerabilities at the micro-architecture level to build side channels. A typical example is the use of the Flush+Reload technique in the Meltdown attack [1]. This paper proposes the detection of malicious loop activities within the Flush+Reload programs through the introduction of a new classification technique. Most current detection models, approach the side channel attacks, by relying on the correlation between attacker and victim programs through the use of machine learning algorithms. This paper differs from such models. It solely analyse the malicious loop activities inside the Flush+Reload attack program and does not seek to synchronise victim and attacker programs. The model proposed has the ability to classify Flush+Reload attacks with a level of accuracy approaching 99% for native and 96% for cloud systems without increasing the cost of detection in a cloud systems above that in native systems.
Original languageEnglish
Title of host publication2018 UKSim-AMSS 20th International Conference on Modelling & Simulation
EditorsDavid Al-Dabass, Alessandra Orsoni, Richard Cant, Glenn Jenkins
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages49-54
Number of pages6
ISBN (Electronic)978-0-7695-6405-0
DOIs
Publication statusPublished - 27 Dec 2018
EventUKSim2018: UKSim-AMSS 20th International Conference on Modelling & Simulation - Cambridge, United Kingdom
Duration: 27 Mar 201829 Mar 2018

Publication series

NameIEEE UKSim Proceedings Series
PublisherIEEE
ISSN (Print)2158-1657

Conference

ConferenceUKSim2018
Country/TerritoryUnited Kingdom
CityCambridge
Period27/03/1829/03/18

Keywords

  • Side-Channel
  • Flush+Reload
  • Prime+Probe
  • HPC
  • Machine Learning
  • Cloud Computing
  • Cryptography

Fingerprint

Dive into the research topics of 'ConfMVM: a hardware-assisted model to confine malicious VMs'. Together they form a unique fingerprint.

Cite this