Protecting Cloud-Based CIs: Covert Channel Vulnerabilities at the Resource Level

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Chapter

Published

Standard

Protecting Cloud-Based CIs: Covert Channel Vulnerabilities at the Resource Level. / Vateva-Gurova, T.; Manzoor, S.; Trapero, R. et al.
Information and Operational Technology Security Systems: First International Workshop, IOSec 2018, CIPSEC Project, Heraklion, Crete, Greece, September 13, 2018, Revised Selected Papers. Vol. 11398 LNCS Springer-Verlag, 2019. p. 27-38 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11398 LNCS).

Harvard

Vateva-Gurova, T, Manzoor, S, Trapero, R, Suri, N, E., MT, A.P., F (ed.) & K., L 2019, Protecting Cloud-Based CIs: Covert Channel Vulnerabilities at the Resource Level. in Information and Operational Technology Security Systems: First International Workshop, IOSec 2018, CIPSEC Project, Heraklion, Crete, Greece, September 13, 2018, Revised Selected Papers. vol. 11398 LNCS, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 11398 LNCS, Springer-Verlag, pp. 27-38. https://doi.org/10.1007/978-3-030-12085-6_3

APA

Vateva-Gurova, T., Manzoor, S., Trapero, R., Suri, N., E., M. T., A.P., F. (Ed.), & K., L. (2019). Protecting Cloud-Based CIs: Covert Channel Vulnerabilities at the Resource Level. In Information and Operational Technology Security Systems: First International Workshop, IOSec 2018, CIPSEC Project, Heraklion, Crete, Greece, September 13, 2018, Revised Selected Papers (Vol. 11398 LNCS, pp. 27-38). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11398 LNCS). Springer-Verlag. https://doi.org/10.1007/978-3-030-12085-6_3

Vancouver

Vateva-Gurova T, Manzoor S, Trapero R, Suri N, E. MT, A.P. F, (ed.) et al. Protecting Cloud-Based CIs: Covert Channel Vulnerabilities at the Resource Level. In Information and Operational Technology Security Systems: First International Workshop, IOSec 2018, CIPSEC Project, Heraklion, Crete, Greece, September 13, 2018, Revised Selected Papers. Vol. 11398 LNCS. Springer-Verlag. 2019. p. 27-38. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-030-12085-6_3

Author

Vateva-Gurova, T. ; Manzoor, S. ; Trapero, R. et al. / Protecting Cloud-Based CIs : Covert Channel Vulnerabilities at the Resource Level. Information and Operational Technology Security Systems: First International Workshop, IOSec 2018, CIPSEC Project, Heraklion, Crete, Greece, September 13, 2018, Revised Selected Papers. Vol. 11398 LNCS Springer-Verlag, 2019. pp. 27-38 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

Bibtex

@inbook{3724868f5c654b4e920ee9f1c3575e5a,
title = "Protecting Cloud-Based CIs: Covert Channel Vulnerabilities at the Resource Level",
abstract = "Critical Infrastructures (CIs) increasingly leverage Cloud computing given its benefits of on-demand scalability, high availability and cost efficiency. However, the Cloud is typically characterized by the co-location of users from varied security domains that also use shared computing resources. This introduces a number of resource/architecture-level vulnerabilities. For example, the usage of a basic shared storage component, such as a memory cache, can expose the entire Cloud system to security risks such as covert-channel attacks. The success of these exploits depends on various execution environment properties. Thus, providing means to assess the feasibility of these attacks in a specific execution environment and enabling postmortem analysis is needed. While attacks at the architectural level represent a potent vulnerability to exfiltrate information, the low-level often get neglected with techniques such as intrusion detection focused more on the high-level network/middleware threats. Interestingly, cache-based covert-channel attacks are typically not detectable by traditional intrusion detection systems as covert channels do not obey any access rights or other security policies. This paper focuses on the information provided at the low architectural level to cope with the cache-based covert-channel threat. We propose the usage of feasibility metrics collected at the low level to monitor the core-private cache covert channel and, infer information regarding the probability of a covert-channel exploit happening. We also illustrate the applicability of the proposed feasibility metrics in a use case.",
keywords = "Covert channels, Feasibility, Information leakage, Scheduling, Side channels, Network security, Security systems, Side channel attack, Architectural levels, Execution environments, Intrusion Detection Systems, Postmortem analysis, Side-channel, Intrusion detection",
author = "T. Vateva-Gurova and S. Manzoor and R. Trapero and Neeraj Suri and E., {Marin Tordera} and Fournaris A.P. and Lampropoulos K.",
year = "2019",
month = jan,
day = "30",
doi = "10.1007/978-3-030-12085-6_3",
language = "English",
isbn = "9783030120849",
volume = "11398 LNCS",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer-Verlag",
pages = "27--38",
booktitle = "Information and Operational Technology Security Systems",

}

RIS

TY - CHAP

T1 - Protecting Cloud-Based CIs

T2 - Covert Channel Vulnerabilities at the Resource Level

AU - Vateva-Gurova, T.

AU - Manzoor, S.

AU - Trapero, R.

AU - Suri, Neeraj

AU - E., Marin Tordera

AU - K., Lampropoulos

A2 - A.P., Fournaris

PY - 2019/1/30

Y1 - 2019/1/30

N2 - Critical Infrastructures (CIs) increasingly leverage Cloud computing given its benefits of on-demand scalability, high availability and cost efficiency. However, the Cloud is typically characterized by the co-location of users from varied security domains that also use shared computing resources. This introduces a number of resource/architecture-level vulnerabilities. For example, the usage of a basic shared storage component, such as a memory cache, can expose the entire Cloud system to security risks such as covert-channel attacks. The success of these exploits depends on various execution environment properties. Thus, providing means to assess the feasibility of these attacks in a specific execution environment and enabling postmortem analysis is needed. While attacks at the architectural level represent a potent vulnerability to exfiltrate information, the low-level often get neglected with techniques such as intrusion detection focused more on the high-level network/middleware threats. Interestingly, cache-based covert-channel attacks are typically not detectable by traditional intrusion detection systems as covert channels do not obey any access rights or other security policies. This paper focuses on the information provided at the low architectural level to cope with the cache-based covert-channel threat. We propose the usage of feasibility metrics collected at the low level to monitor the core-private cache covert channel and, infer information regarding the probability of a covert-channel exploit happening. We also illustrate the applicability of the proposed feasibility metrics in a use case.

AB - Critical Infrastructures (CIs) increasingly leverage Cloud computing given its benefits of on-demand scalability, high availability and cost efficiency. However, the Cloud is typically characterized by the co-location of users from varied security domains that also use shared computing resources. This introduces a number of resource/architecture-level vulnerabilities. For example, the usage of a basic shared storage component, such as a memory cache, can expose the entire Cloud system to security risks such as covert-channel attacks. The success of these exploits depends on various execution environment properties. Thus, providing means to assess the feasibility of these attacks in a specific execution environment and enabling postmortem analysis is needed. While attacks at the architectural level represent a potent vulnerability to exfiltrate information, the low-level often get neglected with techniques such as intrusion detection focused more on the high-level network/middleware threats. Interestingly, cache-based covert-channel attacks are typically not detectable by traditional intrusion detection systems as covert channels do not obey any access rights or other security policies. This paper focuses on the information provided at the low architectural level to cope with the cache-based covert-channel threat. We propose the usage of feasibility metrics collected at the low level to monitor the core-private cache covert channel and, infer information regarding the probability of a covert-channel exploit happening. We also illustrate the applicability of the proposed feasibility metrics in a use case.

KW - Covert channels

KW - Feasibility

KW - Information leakage

KW - Scheduling

KW - Side channels

KW - Network security

KW - Security systems

KW - Side channel attack

KW - Architectural levels

KW - Execution environments

KW - Intrusion Detection Systems

KW - Postmortem analysis

KW - Side-channel

KW - Intrusion detection

U2 - 10.1007/978-3-030-12085-6_3

DO - 10.1007/978-3-030-12085-6_3

M3 - Chapter

SN - 9783030120849

VL - 11398 LNCS

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 27

EP - 38

BT - Information and Operational Technology Security Systems

PB - Springer-Verlag

ER -