Virtualization Technology: Cross-VM Cache Side Channel Attacks make it Vulnerable
This highlights a critical security problem for cloud service providers and users, as it exposes risks in widely adopted virtualization technologies, though the analysis is incremental in reviewing existing attacks and defenses.
The paper addresses the vulnerability of virtualization technology in cloud computing to cross-VM cache side channel attacks, which exploit shared cache memory to leak sensitive data like cryptographic keys, and it analyzes various attack techniques and countermeasures.
Cloud computing provides an effective business model for the deployment of IT infrastructure, platform, and software services. Often, facilities are outsourced to cloud providers and this offers the service consumer virtualization technologies without the added cost burden of development. However, virtualization introduces serious threats to service delivery such as Denial of Service (DoS) attacks, Cross-VM Cache Side Channel attacks, Hypervisor Escape and Hyper-jacking. One of the most sophisticated forms of attack is the cross-VM cache side channel attack that exploits shared cache memory between VMs. A cache side channel attack results in side channel data leakage, such as cryptographic keys. Various techniques used by the attackers to launch cache side channel attack are presented, as is a critical analysis of countermeasures against cache side channel attacks.