Home > Research > Publications & Outputs > InfoLeak

Links

Text available via DOI:

View graph of relations

InfoLeak: Scheduling-based information leakage

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paper

Published

Standard

InfoLeak : Scheduling-based information leakage. / Vateva-Gurova, T.; Manzoor, S.; Huang, Y.; Suri, Neeraj.

2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing (PRDC). IEEE, 2019. p. 44-53.

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paper

Harvard

Vateva-Gurova, T, Manzoor, S, Huang, Y & Suri, N 2019, InfoLeak: Scheduling-based information leakage. in 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing (PRDC). IEEE, pp. 44-53. https://doi.org/10.1109/PRDC.2018.00015

APA

Vateva-Gurova, T., Manzoor, S., Huang, Y., & Suri, N. (2019). InfoLeak: Scheduling-based information leakage. In 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing (PRDC) (pp. 44-53). IEEE. https://doi.org/10.1109/PRDC.2018.00015

Vancouver

Vateva-Gurova T, Manzoor S, Huang Y, Suri N. InfoLeak: Scheduling-based information leakage. In 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing (PRDC). IEEE. 2019. p. 44-53 https://doi.org/10.1109/PRDC.2018.00015

Author

Vateva-Gurova, T. ; Manzoor, S. ; Huang, Y. ; Suri, Neeraj. / InfoLeak : Scheduling-based information leakage. 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing (PRDC). IEEE, 2019. pp. 44-53

Bibtex

@inproceedings{2e26cff9f1bc4ff180e309817d4493a1,
title = "InfoLeak: Scheduling-based information leakage",
abstract = "Covert- and side-channel attacks, typically enabled by the usage of shared resources, pose a serious threat to complex systems such as the Cloud. While their exploitation in the real world depends on properties of the execution environment (e.g., scheduling), the explicit consideration of these factors is often neglected.This paper introduces InfoLeak, an information leakage model that establishes the crucial role of the scheduler for exploiting core-private caches as covert channels. We show, formally and empirically, how the availability of these channels and the corresponding attack feasibility are affected by scheduling. Moreover, our model allows security experts to assess the related threat, posed by core-private cache covert channels for a particular system by considering solely the scheduling information. To validate the utility of InfoLeak, we deploy a covert-channel attack and correlate its success ratio to the scheduling of the attacker processes in the target system. We demonstrate the applicability of the InfoLeak model for analyzing the scheduling information for possible information leakage and also provide an example on its usage.",
keywords = "Covert-channel attacks, Feasibility, Information leakage model, Scheduling, Side channel attacks, Covert channels, Execution environments, Information leakage, Scheduling information, Security experts, Shared resources, Target systems, Side channel attack",
author = "T. Vateva-Gurova and S. Manzoor and Y. Huang and Neeraj Suri",
year = "2019",
month = feb,
day = "11",
doi = "10.1109/PRDC.2018.00015",
language = "English",
pages = "44--53",
booktitle = "2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing (PRDC)",
publisher = "IEEE",

}

RIS

TY - GEN

T1 - InfoLeak

T2 - Scheduling-based information leakage

AU - Vateva-Gurova, T.

AU - Manzoor, S.

AU - Huang, Y.

AU - Suri, Neeraj

PY - 2019/2/11

Y1 - 2019/2/11

N2 - Covert- and side-channel attacks, typically enabled by the usage of shared resources, pose a serious threat to complex systems such as the Cloud. While their exploitation in the real world depends on properties of the execution environment (e.g., scheduling), the explicit consideration of these factors is often neglected.This paper introduces InfoLeak, an information leakage model that establishes the crucial role of the scheduler for exploiting core-private caches as covert channels. We show, formally and empirically, how the availability of these channels and the corresponding attack feasibility are affected by scheduling. Moreover, our model allows security experts to assess the related threat, posed by core-private cache covert channels for a particular system by considering solely the scheduling information. To validate the utility of InfoLeak, we deploy a covert-channel attack and correlate its success ratio to the scheduling of the attacker processes in the target system. We demonstrate the applicability of the InfoLeak model for analyzing the scheduling information for possible information leakage and also provide an example on its usage.

AB - Covert- and side-channel attacks, typically enabled by the usage of shared resources, pose a serious threat to complex systems such as the Cloud. While their exploitation in the real world depends on properties of the execution environment (e.g., scheduling), the explicit consideration of these factors is often neglected.This paper introduces InfoLeak, an information leakage model that establishes the crucial role of the scheduler for exploiting core-private caches as covert channels. We show, formally and empirically, how the availability of these channels and the corresponding attack feasibility are affected by scheduling. Moreover, our model allows security experts to assess the related threat, posed by core-private cache covert channels for a particular system by considering solely the scheduling information. To validate the utility of InfoLeak, we deploy a covert-channel attack and correlate its success ratio to the scheduling of the attacker processes in the target system. We demonstrate the applicability of the InfoLeak model for analyzing the scheduling information for possible information leakage and also provide an example on its usage.

KW - Covert-channel attacks

KW - Feasibility

KW - Information leakage model

KW - Scheduling

KW - Side channel attacks

KW - Covert channels

KW - Execution environments

KW - Information leakage

KW - Scheduling information

KW - Security experts

KW - Shared resources

KW - Target systems

KW - Side channel attack

U2 - 10.1109/PRDC.2018.00015

DO - 10.1109/PRDC.2018.00015

M3 - Conference contribution/Paper

SP - 44

EP - 53

BT - 2018 IEEE 23rd Pacific Rim International Symposium on Dependable Computing (PRDC)

PB - IEEE

ER -