Please note: This PhD seminar will take place in DC 1304.
Daewoo Kim, PhD candidate
David R. Cheriton School of Computer Science
Supervisor: Professor Sihang Liu
Virtualization is widely adopted in cloud systems to manage resource sharing among users. A virtualized environment usually deploys a virtual switch within the host system to enable virtual machines to communicate with each other and with the physical network. The Open vSwitch (OVS) is one of the most popular software-based virtual switches for virtualized environments. The OVS maintains a cache hierarchy to accelerate packet forwarding from the host to virtual machines.
We characterize the caching system inside OVS from a security perspective and identify three attack primitives. Based on the attack primitives, we present four remote attacks via OVS, breaking the isolation in virtualized environments. First, we identify remote covert channels using different caches. Second, we demonstrate an activity profiling attack that infers a remote user’s website access. Third, we present a header recovery attack that leaks a remote user’s packet header fields, breaking the confidentiality guarantees from the system. Finally, we demonstrate a keystroke attack that recovers a remote typer’s inter-keystroke latency. To defend against these attacks, we also discuss potential mitigations.
200 University Ave West
Waterloo, ON N2L 3G1
Canada
