
ConfMVM: a hardware-assisted model to confine malicious VMs

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution

Vulnerabilities in both hardware and software have exposed them to the lack of managing programs securely in the computational environment, giving hackers the means to conduct side channel attacks with the intention of stealing sensitive information, including secret encryption keys. Current techniques enable attackers to exploit vulnerabilities at the micro-architecture level to build side channels. A typical example is the use of the Flush+Reload technique in the Meltdown attack [1]. This paper proposes the detection of malicious loop activities within Flush+Reload programs through the introduction of a new classification technique. Most current detection models approach side channel attacks by relying on the correlation between attacker and victim programs through the use of machine learning algorithms. This paper differs from such models: it solely analyses the malicious loop activities inside the Flush+Reload attack program and does not seek to synchronise victim and attacker programs. The proposed model can classify Flush+Reload attacks with a level of accuracy approaching 99% for native and 96% for cloud systems, without increasing the cost of detection in cloud systems above that in native systems.
Original language: English
Title of host publication: 2018 UKSim-AMSS 20th International Conference on Modelling & Simulation
Editors: David Al-Dabass, Alessandra Orsoni, Richard Cant, Glenn Jenkins
Publisher: IEEE
Pages: 49-54
Number of pages: 6
ISBN (Electronic): 978-0-7695-6405-0
Publication status: Published - 27 Dec 2018
Event: UKSim2018: UKSim-AMSS 20th International Conference on Modelling & Simulation - Cambridge, United Kingdom
Duration: 27 Mar 2018 to 29 Mar 2018

Conference

Conference: UKSim2018
Country: United Kingdom
City: Cambridge
Period: 27/03/18 to 29/03/18

Documents

  • UKSIM_2018

    Rights statement: © 2018 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

    Accepted author manuscript (Post-print), 237 KB, PDF document

ID: 10454439