Home > Research > Publications & Outputs > Towards a framework for assessing the feasibili...
View graph of relations

Towards a framework for assessing the feasibility of side-channel attacks in virtualized environments

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paper

Published

Standard

Towards a framework for assessing the feasibility of side-channel attacks in virtualized environments. / Vateva-Gurova, T.; Luna, J.; Pellegrino, G.; Suri, Neeraj.

2014 11th International Conference on Security and Cryptography (SECRYPT). IEEE, 2014. p. 113-124.

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paper

Harvard

Vateva-Gurova, T, Luna, J, Pellegrino, G & Suri, N 2014, Towards a framework for assessing the feasibility of side-channel attacks in virtualized environments. in 2014 11th International Conference on Security and Cryptography (SECRYPT). IEEE, pp. 113-124. <https://ieeexplore.ieee.org/document/7509479>

APA

Vateva-Gurova, T., Luna, J., Pellegrino, G., & Suri, N. (2014). Towards a framework for assessing the feasibility of side-channel attacks in virtualized environments. In 2014 11th International Conference on Security and Cryptography (SECRYPT) (pp. 113-124). IEEE. https://ieeexplore.ieee.org/document/7509479

Vancouver

Vateva-Gurova T, Luna J, Pellegrino G, Suri N. Towards a framework for assessing the feasibility of side-channel attacks in virtualized environments. In 2014 11th International Conference on Security and Cryptography (SECRYPT). IEEE. 2014. p. 113-124

Author

Vateva-Gurova, T. ; Luna, J. ; Pellegrino, G. ; Suri, Neeraj. / Towards a framework for assessing the feasibility of side-channel attacks in virtualized environments. 2014 11th International Conference on Security and Cryptography (SECRYPT). IEEE, 2014. pp. 113-124

Bibtex

@inproceedings{47678d886ecc433daca8fe3d44ea8334,
title = "Towards a framework for assessing the feasibility of side-channel attacks in virtualized environments",
abstract = "Physically co-located virtual machines should be securely isolated from one another, as well as from the underlying layers in a virtualized environment. In particular the virtualized environment is supposed to guarantee the impossibility of an adversary to attack a virtual machine e.g., by exploiting a side-channel stemming from the usage of shared physical or software resources. However, this is often not the case and the lack of sufficient logical isolation is considered a key concern in virtualized environments. In the academic world this view has been reinforced during the last years by the demonstration of sophisticated side-channel attacks (SCAs). In this paper we argue that the feasibility of executing a SCA strongly depends on the actual context of the execution environment. To reflect on these observations, we propose a feasibility assessment framework for SCAs using cache based systems as an example scenario. As a proof of concept we show that the feasibility of cache-based side-channel attacks can be assessed following the proposed approach.",
keywords = "Feasibility analysis, Feasibility factors, Security classifications, Side-channel attacks, Java programming language, Execution environments, Feasibility assessment, Security classification, Side channel attack, Software resources, Virtualized environment, Virtual reality",
author = "T. Vateva-Gurova and J. Luna and G. Pellegrino and Neeraj Suri",
year = "2014",
month = aug,
day = "28",
language = "English",
isbn = "9781467392402",
pages = "113--124",
booktitle = "2014 11th International Conference on Security and Cryptography (SECRYPT)",
publisher = "IEEE",

}

RIS

TY - GEN

T1 - Towards a framework for assessing the feasibility of side-channel attacks in virtualized environments

AU - Vateva-Gurova, T.

AU - Luna, J.

AU - Pellegrino, G.

AU - Suri, Neeraj

PY - 2014/8/28

Y1 - 2014/8/28

N2 - Physically co-located virtual machines should be securely isolated from one another, as well as from the underlying layers in a virtualized environment. In particular the virtualized environment is supposed to guarantee the impossibility of an adversary to attack a virtual machine e.g., by exploiting a side-channel stemming from the usage of shared physical or software resources. However, this is often not the case and the lack of sufficient logical isolation is considered a key concern in virtualized environments. In the academic world this view has been reinforced during the last years by the demonstration of sophisticated side-channel attacks (SCAs). In this paper we argue that the feasibility of executing a SCA strongly depends on the actual context of the execution environment. To reflect on these observations, we propose a feasibility assessment framework for SCAs using cache based systems as an example scenario. As a proof of concept we show that the feasibility of cache-based side-channel attacks can be assessed following the proposed approach.

AB - Physically co-located virtual machines should be securely isolated from one another, as well as from the underlying layers in a virtualized environment. In particular the virtualized environment is supposed to guarantee the impossibility of an adversary to attack a virtual machine e.g., by exploiting a side-channel stemming from the usage of shared physical or software resources. However, this is often not the case and the lack of sufficient logical isolation is considered a key concern in virtualized environments. In the academic world this view has been reinforced during the last years by the demonstration of sophisticated side-channel attacks (SCAs). In this paper we argue that the feasibility of executing a SCA strongly depends on the actual context of the execution environment. To reflect on these observations, we propose a feasibility assessment framework for SCAs using cache based systems as an example scenario. As a proof of concept we show that the feasibility of cache-based side-channel attacks can be assessed following the proposed approach.

KW - Feasibility analysis

KW - Feasibility factors

KW - Security classifications

KW - Side-channel attacks

KW - Java programming language

KW - Execution environments

KW - Feasibility assessment

KW - Security classification

KW - Side channel attack

KW - Software resources

KW - Virtualized environment

KW - Virtual reality

M3 - Conference contribution/Paper

SN - 9781467392402

SP - 113

EP - 124

BT - 2014 11th International Conference on Security and Cryptography (SECRYPT)

PB - IEEE

ER -