
Identification and Evaluation of Sharing Memory Covert Timing Channel in Xen Virtual Machines

JingZheng Wu∗‡, Liping Ding∗, Yongji Wang∗† and Wei Han∗‡

∗ National Engineering Research Center for Fundamental Software, Institute of Software
† State Key Laboratory of Computer Science, Institute of Software
‡ Graduate School, The Chinese Academy of Science, Beijing, China

{jingzheng,liping,yongji,hanwei}@nfs.iscas.ac.cn

Abstract—Virtualization technology is the basis of cloud computing, and the most important property of virtualization is isolation. Isolation guarantees security between virtual machines. However, a covert channel breaks the isolation and leaks sensitive messages covertly. In this paper, we formally model isolation as noninterference, and define all transmission channels violating noninterference as covert channels. With this definition, we present an identification method based on information flow. This method first compiles the source code into a more structured equivalent code with LLVM, and then a search algorithm is proposed to obtain the shared resources and the operational processes in the equivalent code. A new covert channel termed the sharing memory covert timing channel (SMCTC) is identified from the Xen source code. We construct a channel scenario for SMCTC, and evaluate its threat with the metrics of channel capacity and transmission accuracy. The results show that SMCTC poses a much greater threat than CPU load based and cache based covert channels.

Keywords-Xen, Cloud Computing, Covert Timing Channel, Channel Identification, Channel Scenario Construction, Channel Performance Evaluation

I. INTRODUCTION

Virtualization technology associated with cloud computing has become increasingly popular, due to its ability to provide computing resources and software services dynamically and elastically [1]. Virtual machines (VMs) instantiate standalone operating systems on demand based on a software layer called the virtual machine monitor (VMM) or hypervisor. The major advantage of the virtual machine is its strong isolation [2]. Operating systems share resources on a single hardware platform through a virtual interface without knowing about each other. With this isolation, a cloud provider can serve different companies simultaneously without interference (e.g. Amazon's Elastic Compute Cloud [3]).

Privacy and security of customers are guaranteed by the service provider. Although the VMM isolates each customer's data and applications from the others', communications between VMs through the network or storage are inevitable. In order to enhance the security of virtual machines, some access control mechanisms have been presented [4], [5]. sHype [6] is a MAC-based (Mandatory Access Control) security extension to the Xen hypervisor [1], allowing various security policies to be applied to VMs. For example, sHype enables the Chinese Wall policy and the Type Enforcement policy to specify which resources can be accessed by which VMs.

Unfortunately, information leakage still exists in virtual machines (e.g. covert channels [7], [8]) even if security policies have been deployed [9]. Aviram et al. [10] identify four categories of risk to cloud computing. The first is parallelism, compared with uniprocessors and single-threaded processes: the massively parallel cloud context creates numerous implicit, high-resolution clocks which can be used to construct covert timing channels. Secondly, the attacks move from inside to outside; attackers can eavesdrop on a co-resident victim by monitoring a timing channel for SSH keystrokes [11], etc. Thirdly, timing channel attacks are unlikely to be caught because of privacy: cloud customers and even cloud providers are not allowed to monitor other customers' computations, therefore no attack trails will be recorded. Finally, the handling technologies cannot be deployed in the cloud; for example, partitioning and adding noise may limit the provider's ability and also limit the cloud's elasticity. Although the cloud and virtualization technology provide strong isolation, the risk of information leakage by covert channel remains inevitable.

A covert channel is a leakage mechanism used to transfer sensitive messages in violation of the security policies specified by information systems [12]. It originates from the program confinement problem [13], and has been found in mono-systems [14] (operating systems and database systems), networks [15], [16] and cloud computing [7]. Security criteria (e.g. TCSEC [12] and CC [17]) require covert channel analysis (CCA) when building secure systems. The objectives of CCA are identification, capacity estimation and handling [18], and the most difficult task is identification [19].

In this paper, we investigate covert channels in Xen, which is an open source VMM and has become the mainstream infrastructure of cloud computing. Xen is a high performance resource-managed VMM supporting full virtualization and paravirtualization, and also supporting multi-application operating systems [1]. We model isolation as noninterference from the aspect of information flow, and define covert channels as the transmission channels violating noninterference. With this definition, an identification method is presented. This method compiles the Xen source code into a more structured format with LLVM, and obtains the shared resources and the operational processes with a search algorithm. A new covert channel is identified and termed the Sharing Memory Covert Timing Channel (SMCTC). When VMs located on the same hardware platform share a memory page between them, they can communicate covertly regardless of sHype. Another focus of this paper is to evaluate the performance of SMCTC. We construct a scenario for SMCTC, estimate its capacity and transmission accuracy, and investigate the possible influencing factors. The distinguishing contributions made in this paper are: 1) as far as we know, we are the first to define noninterference and covert channels in Xen; 2) covert channels are identified in the Xen source code with compiler technology; 3) a new covert channel, SMCTC, is identified and its threat is evaluated in detail.

2011 IEEE 4th International Conference on Cloud Computing

978-0-7695-4460-1/11 $26.00 © 2011 IEEE

DOI 10.1109/CLOUD.2011.10

The remainder of the paper is organized as follows. Section II surveys the related work on covert channels in Xen and cloud computing. Section III models the information flow between Xen and the VMs, and gives the formal description of covert channels. Section IV constructs the SMCTC scenario and implements an experiment to evaluate the performance of SMCTC. Finally, Section V concludes this paper with a brief summary.

II. RELATED WORK

A covert channel is a mechanism to indirectly transmit sensitive information to unauthorized parties. These channels satisfy some minimum criteria [20]: the sender and receiver can access the same attribute of a shared resource, the sender can change it and the receiver can detect the change. Additionally, a synchronization mechanism is used to guarantee the correctness of the communication. According to the attributes of the shared resource, covert channels are classified into storage and timing channels [18].

Many efforts in covert channel analysis have been made on mono-systems and network systems in the literature. To identify covert channels in operating systems, syntactic/semantic information-flow analysis methods, the shared resource matrix method, the noninterference analysis method, and the directed information flow graph method have been presented [18]. For example, an event-flag channel related to the global variable last_type has been identified in the Linux kernel 2.6.18 [19]. In Linux file systems, last_type is written and read by malicious sender and receiver processes respectively to communicate covertly. The sender sends the covert message by altering the event state with a certain regularity, and the receiver observes the change to receive the message. Such an event-flag channel can bypass the security policies. In recent years, network covert channels have become a hot issue. Hackers usually encode messages into the unused or reserved bits of frames, e.g. the IP Type of Service (TOS) field, Don't Fragment (DF), URGent (URG) or TCP Flags bits in the packet header. More sophisticated attackers may encode the covert messages into the sending/receiving times or the packet interval times, etc., to form timing channels, which are much more difficult to detect or handle [21], [22].

Thomas et al. [7] state that any physical machine resource multiplexed between the attacker and the target may form a potentially useful channel in virtual machines. These resources include network access, CPU branch predictors and instruction cache, the DRAM memory bus, CPU pipelines, scheduling of CPU cores and time slices, disk access, etc. They implement covert channels using memory bus and hard disk contention, and describe a cache based covert channel in detail. This channel takes the sender's idling as transmitting 0 and its frantic accesses to a memory block as transmitting 1. The receiver accesses a memory block of its own and observes the access latencies. High latencies indicate that the sender is evicting the receiver's data from the caches and mean that 1 is transmitted; otherwise 0 is transmitted. They improve this channel and create a much more robust one. The experimental results in Xen show that information leakage between VMs is realizable, and cloud computing is suffering the threat of covert channels.

Thomas et al. also refer to the load based covert channel, and Okamura and Oyama [8] analyze it in more detail. They quantitatively evaluate the channel performance and develop CCCV (Covert Channels using CPU loads between Virtual machines), which creates a covert channel to communicate secretly. CCCV describes a scenario in which the sender and receiver processes are located in different domains hosted by the Xen hypervisor, and the VCPUs are mapped to the same physical CPU (core). Each process executes a task t in its own domain without interference. The receiver repeatedly executes task t and measures the elapsed time. If the sender does not execute a task, the elapsed time stays the same. If the sender issues the task and the physical CPU alternately schedules them in every time slice, the elapsed time obtained by the receiver gets longer. The difference in time can be modeled as a timing channel, and malicious users can transmit covert messages according to the change of CPU load. The capacity and accuracy are evaluated in detail under various conditions. The CPU load based channel achieves a better capacity than the cache based one, with no errors in the absence of interference and only small errors when interfered with by other processes.

The above research indicates that the covert channel is a critical threat to cloud computing. To eliminate the threat of covert channels, some secure frameworks have been presented. For example, Lares [23] implements an architecture which takes a hybrid approach, giving security tools the ability to do active monitoring while still benefiting from the isolation of the virtual machine. HyperSentry [24], HyperSafe [4], etc. provide self-protection of lifetime control flow integrity. However, because resources are shared between the virtual machines, covert channels are inevitable.


III. IDENTIFICATION OF COVERT CHANNEL

In multilevel systems, access rules are specified by the security policies. Information can only flow from a certain level to an equal or higher one. However, malicious objects can indirectly communicate with each other using side channels, i.e. covert channels [25], [26]. Modeling the information flows, including both direct and indirect ones, will deduce the covert channels [27], which is the main concern of this section.

A. Information Flow Model

Denning [28] presents a lattice model of secure information flow, which has also been used to identify covert channels. We extend this model to the Xen hypervisor.

The Xen Information Flow Model is defined by

$$XFM = \langle N, P, VM, \odot, \rightarrow \rangle,$$

where $N = \{a, b, \ldots\}$ is a set of logical objects denoting the shared storage or timing resources. Let $\sigma_a = \{a_1, a_2, \ldots\}$ be the state set of the object $a$. In traditional operating systems, elements of $N$ may be files, event states, etc., and $\sigma$ is the corresponding value domain for each element. In Xen and cloud computing, the elements may be VCPUs and caches in load based and cache based channels.

In $XFM$, $P$ is a set of processes, defined by

$$P = \{P_1, P_2, \ldots\}, \quad Dom(P_i), Dom(P_j) \in VM,$$

where $VM = \{VM_1, VM_2, \ldots\}$ is the set of virtual domains hosting processes and $i, j$ denote the $i$th and $j$th processes. If the processes are in the same domain,

$$Dom(P_i), Dom(P_j) \in VM_k,$$

they are actually in the same operating system, and $k$ denotes the $k$th domain in Xen. Such processes are isolated from the ones in other domains. Processes in different domains cannot communicate with each other; however, network services, covert channels, etc. can break this isolation.

A binary operator $\odot$ denotes that a process can operate on a logical object and change its state, represented by

$$P_i \odot a \in \sigma_a.$$

A relation operator $\rightarrow$ denotes that information flows from the left to the right side. For processes $P_i, P_j$ and logical objects $a, b$,

$$P_i \odot a \rightarrow P_j \odot b$$

means that $P_i$ sends a message to $P_j$ by operating on $a$ and $b$, and the information flows from $P_i$ to $P_j$.

Definition 1 (Noninterference in Xen): In Xen domains, processes are isolated from each other, which can be modeled as noninterference, presented by

$$\forall a \in N, \; P_i \odot a = P_j \odot (P_i \odot a).$$

Process $P_j$ cannot perceive any operation not dominated by it in the system, i.e. no information flow $P_i \rightarrow P_j$ exists.

Figure 1. Xen and Information Flows Model

However, total noninterference is not desirable because of the increasing interconnection required by applications. Processes located in different domains may need to communicate with each other; therefore the information flows are classified into legitimate and illegitimate ones. The legitimate flows include network services, external I/O and cooperation through storage resources. For example, $P_1$ residing in $VM_1$ hosts a web site, and $P_2$ in $VM_2$ browses the web content. The information flows from $P_1$ to $P_2$ legitimately. The illegitimate flows are usually called side channels or covert channels.

Definition 2 (Covert Channel in Xen): In Xen domains, noninterference and some other security policies (e.g. MAC) guarantee that no information flows between VMs. But malicious processes indirectly communicate through virtual resources in violation of these policies, represented by

$$\exists a \in N, \; P_i \odot a \xrightarrow{Sec} P_j \odot b,$$

where $Sec$ denotes the security policies deployed. $a$ and $b$ are logically independent, but the real underlying resource may be the same, e.g. the physical CPU.
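Definitions 1 and 2 as an executable check, added here as an example that is not part of the paper. It encodes the tuple $\langle N, P, VM, \odot, \rightarrow \rangle$ in a small class and derives flows from a recorded sequence of operations. Two things are assumptions of this example rather than statements of the paper: a flow $P_i \odot a \rightarrow P_j \odot b$ is taken to exist when $P_i$ changes $a$ and another process later observes a $b$ backed by the same physical resource (the paper's "logically independent but the real resource may be the same"), and the policy $Sec$ is represented as the set of object pairs between which cross-domain flow is permitted. The domain, object and resource names in `example()` are constructed.

```python
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple


@dataclass(frozen=True)
class Op:
    """P_i ⊙ a: `process` operates on logical object `obj`;
    kind 'W' changes the state of the object, 'R' observes it."""
    process: str
    obj: str
    kind: str


@dataclass(frozen=True)
class Flow:
    """P_i ⊙ a → P_j ⊙ b."""
    src: Op
    dst: Op


class XFM:
    """<N, P, VM, ⊙, →>. `domains` is Dom(P_i) -> VM_k; `physical` maps each
    logical object in N to the real resource behind it (assumed extension,
    e.g. two VCPUs that both map to one physical CPU)."""

    def __init__(self, domains: Dict[str, str], physical: Dict[str, str]):
        self.domains = domains
        self.physical = physical

    def flows(self, ops: List[Op]) -> Set[Flow]:
        """A flow exists when one process changes a and a different process
        later observes a b that shares a's physical resource."""
        found = set()
        for idx, w in enumerate(ops):
            if w.kind != 'W':
                continue
            for r in ops[idx + 1:]:
                if (r.kind == 'R' and r.process != w.process
                        and self.physical[r.obj] == self.physical[w.obj]):
                    found.add(Flow(w, r))
        return found

    def cross_domain(self, flows: Set[Flow]) -> Set[Flow]:
        """Flows between processes whose Dom(P_i) and Dom(P_j) differ."""
        return {f for f in flows
                if self.domains[f.src.process] != self.domains[f.dst.process]}

    def noninterference_holds(self, ops: List[Op]) -> bool:
        """Definition 1: no information flows across domains at all."""
        return not self.cross_domain(self.flows(ops))

    def covert_candidates(self, ops: List[Op],
                          sec: Set[Tuple[str, str]]) -> Set[Flow]:
        """Definition 2: cross-domain flows that the deployed policy Sec does
        not permit. Sec is the set of allowed (a, b) object pairs."""
        return {f for f in self.cross_domain(self.flows(ops))
                if (f.src.obj, f.dst.obj) not in sec}


def example() -> Set[Flow]:
    """Constructed scenario: P1 and P3 live in VM1, P2 in VM2. The two VCPUs
    share one physical CPU (the load based channel of Section II), the two
    sockets form a permitted network flow, and file1 stays inside VM1."""
    xfm = XFM(
        domains={'P1': 'VM1', 'P2': 'VM2', 'P3': 'VM1'},
        physical={'vcpu1': 'pcpu0', 'vcpu2': 'pcpu0',
                  'sock1': 'nic0', 'sock2': 'nic0', 'file1': 'disk1'},
    )
    ops = [
        Op('P1', 'vcpu1', 'W'), Op('P2', 'vcpu2', 'R'),   # CPU load contention
        Op('P1', 'sock1', 'W'), Op('P2', 'sock2', 'R'),   # web traffic, allowed
        Op('P1', 'file1', 'W'), Op('P3', 'file1', 'R'),   # same domain, no issue
    ]
    sec = {('sock1', 'sock2')}   # the only cross-domain flow the policy permits
    return xfm.covert_candidates(ops, sec)


if __name__ == '__main__':
    for flow in example():
        print(f'covert channel candidate: {flow.src} -> {flow.dst}')
```

Only the VCPU pair survives the filter: the socket flow is legitimate under $Sec$, and the file flow never leaves $VM_1$. The same structure is what the source-code identification in Section III.B feeds: each call branch found there becomes an `Op` on a shared variable.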

The information flow model of Xen is shown in Figure 1. Users in each domain run applications as if employing the hardware resources exclusively. User applications send requests using syscalls in the guest OS, which are modified and intercepted by hypercalls in the hypervisor. The hypercall interface allows domains to perform a synchronous software trap into the hypervisor to perform a privileged operation, and communication from Xen to a domain is provided through an asynchronous event mechanism. The information flows from the user applications to the hardware, and the call branches are represented by

$$Application \rightarrow Syscalls \rightarrow Hypercalls \rightarrow Hardware.$$


When the resources respond to the request, the information flows in reverse.

Although user applications located in different guest OSes employ independent VCPUs, the tasks are eventually dispatched to the physical CPU through the event channel mechanism. Malicious users communicate covertly through a covert channel by altering and viewing the shared resources, and the information flows between VMs violate the noninterference policies.

B. Identification Algorithm

Identification is to find potential covert channels in secure systems. The primary sources of information for identification include the system reference manuals, the Detailed Top-Level Specification (DTLS), the Formal Top-Level Specification (FTLS), source code and processor instruction code [29]. System references are widely available, but lack implementation details. DTLS and FTLS cannot deduce all the channels for lack of details of the data structures and code. Compared with these sources, identification from source code can find all the covert channels and the locations at which to place the handling schemes [30].

The main identification methods include the information flow analysis method [28], [30], the shared matrix method [20], [31] and the noninterference analysis method [32], [27]. The basis of these methods is to detect interfering operations on the shared resources. The shared resources are represented by the shared variables in source code [19].

In this paper, we have stated that a covert channel in Xen allows information flows that break noninterference. Therefore we present an identification method based on this definition. First, we analyze the source code by compiling it into an equivalent format (i.e. Bitcode format, BC for short). The produced BC file has a better structure, from which it is easy to obtain the information flows. Then an algorithm is presented to search the shared resources completely in this intermediate code. Finally, the corresponding call branches are modeled with the information flows. If the information flows violate the noninterference property, potential covert channels are identified.

The Xen source code is compiled into the intermediate code BC file using LLVM [33]. LLVM is a compiler framework that aims to make lifelong program analysis and transformation available for arbitrary source code. It provides tools and an API (Application Program Interface) to analyze the intermediate code further, and it is convenient to find the variables and the call branches (i.e. $P_i \odot a$). $P_i$, composed of a sequence of functions, operates on the shared resource $a$. To find $P_i \odot a$ is to find the relations between functions (i.e. $\langle F, F \rangle$) and between functions and variables (i.e. $\langle F, V \rangle$) in the BC file.

LLVM BC files are structured, composed of Modules, and each module is a translation unit of the input programs. Each module consists of functions, global variables, and symbol table entries, and a function contains a list of basic blocks, each of which is a unit of instructions. The BC file, with its simple structure, is convenient for obtaining the relations $\langle F, F \rangle$ and $\langle F, V \rangle$. The explicit algorithm is shown in Figure 2.

Begin
    For each Function in Module
        For each Basicblock in Function
            For each Instruction in Basicblock
                For each Operand in Instruction
                    If Operand is Variable
                        // Output <F,V> and property
                        Output(<Function, Operand>)
                        Output(Label<Read or Write>)
                    Elif Operand is Function
                        // Output <F,F> and property
                        Output(<Function, Operand>)
                        Output(Label<Read or Write>)
                    Endif
End

Figure 2. Algorithm of Obtaining Relations between Functions and Variables

Figure 2 shows how to output the relations $\langle F, F \rangle$ and $\langle F, V \rangle$ function by function in each module. When all the modules have been analyzed, all the relations between functions and variables are obtained. These relations are complete, because all the functions and variables are visited. The function call branches can be derived by depth-first search over the relations. The operations of a process are expressed by

$$P_i \odot a = \{F_{in} \rightarrow \cdots \rightarrow F_{i2} \rightarrow F_{i1} \rightarrow V\},$$

where $F_{in}$ calls some other functions, which in turn call $F_{i2}$ and $F_{i1}$ in sequence, and $F_{i1}$ accesses the variable $V$ at last.
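The Figure 2 walk and the depth-first derivation of call branches, as an added example that is not the paper's tool. It works on LLVM's textual IR (a `.ll` module) with regular expressions rather than on bitcode through the LLVM API, which is enough to show the $\langle F, F \rangle$ / $\langle F, V \rangle$ extraction, the climb from a variable access back to the root functions, and the final filter for variables that one chain writes and another reads. The module in `SAMPLE_IR` is constructed; its function names (`user_write`, `send_request`, `user_read`, `get_request`) and the global `@shared_ring` are hypothetical stand-ins for the chains of Section III.C, not Xen's code.

```python
import re
from collections import defaultdict
from typing import Dict, List, Tuple

# Constructed LLVM textual IR (not Xen's own code): one chain that stores to
# a global and one chain that loads from it.
SAMPLE_IR = """
@shared_ring = global i32 0

define void @user_write(i32 %v) {
entry:
  call void @send_request(i32 %v)
  ret void
}

define void @send_request(i32 %v) {
entry:
  store i32 %v, i32* @shared_ring
  ret void
}

define i32 @user_read() {
entry:
  %r = call i32 @get_request()
  ret i32 %r
}

define i32 @get_request() {
entry:
  %x = load i32, i32* @shared_ring
  ret i32 %x
}
"""

DEFINE_RE = re.compile(r'^define\b.*?@([\w.]+)\(')
CALL_RE = re.compile(r'\bcall\b[^@]*@([\w.]+)\(')
STORE_RE = re.compile(r'^\s*store\b.*@([\w.]+)')
LOAD_RE = re.compile(r'\bload\b.*@([\w.]+)')

Relations = Dict[str, List[Tuple[str, str]]]


def extract_relations(ir_text: str) -> Relations:
    """Figure 2 over textual IR: {function: [(operand, label)]} where label is
    'Call' for an <F,F> edge and 'Read'/'Write' for an <F,V> edge."""
    relations: Relations = defaultdict(list)
    current = None
    for line in ir_text.splitlines():
        head = DEFINE_RE.match(line)
        if head:
            current = head.group(1)
            relations[current]          # register functions with no operands
            continue
        if line.startswith('}'):
            current = None
            continue
        if current is None:
            continue                    # module-level lines, e.g. the global
        call, store, load = CALL_RE.search(line), STORE_RE.match(line), LOAD_RE.search(line)
        if call:
            relations[current].append((call.group(1), 'Call'))
        elif store:
            relations[current].append((store.group(1), 'Write'))
        elif load:
            relations[current].append((load.group(1), 'Read'))
    return dict(relations)


def call_branches(relations: Relations, variable: str) -> List[Tuple[str, ...]]:
    """Depth-first search from every function touching `variable` up to the
    functions nobody calls: chains F_in -> ... -> F_i1 -> V, V tagged by access."""
    callers = defaultdict(set)
    for fn, ops in relations.items():
        for target, label in ops:
            if label == 'Call':
                callers[target].add(fn)
    branches = []

    def climb(path, seen):
        parents = callers[path[0]] - seen        # `seen` breaks call cycles
        if not parents:
            branches.append(tuple(path))
        for p in sorted(parents):
            climb([p] + path, seen | {p})

    for fn, ops in relations.items():
        for target, label in ops:
            if target == variable and label != 'Call':
                climb([fn, f'{variable}:{label}'], {fn})
    return sorted(branches)


def shared_resources(relations: Relations) -> Dict[str, Dict[str, set]]:
    """Variables written by one function and read by another: the candidate
    shared resources whose flows are then checked against noninterference."""
    access = defaultdict(lambda: {'Read': set(), 'Write': set()})
    for fn, ops in relations.items():
        for target, label in ops:
            if label != 'Call':
                access[target][label].add(fn)
    return {v: a for v, a in access.items() if a['Read'] and a['Write']}


if __name__ == '__main__':
    rel = extract_relations(SAMPLE_IR)
    for var in shared_resources(rel):
        for branch in call_branches(rel, var):
            print(' -> '.join(branch))
```

On the constructed module this yields the two chains `user_write -> send_request -> shared_ring:Write` and `user_read -> get_request -> shared_ring:Read`; whether they cross a domain boundary, and therefore whether `shared_ring` is a covert channel candidate under Definition 2, is decided by the process and domain mapping of Section III.A, not by the IR alone.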

C. Identification in Xen

Xen offers two shared virtual resources to support communication and cooperation between VMs: event channels and shared memory [1], [6]. Event-channel hypercalls enable VMs to set up point-to-point synchronization channels. Grant-table hypercalls enable VMs to access other VMs' memory pages, using event channels. These shared resources potentially host covert channels, and the source code is analyzed in detail in the following.

Figure 3. Covert Channel Identification in Xen

Xen provides grant tables for sharing memory between VMs. Each domain has its own grant table, with which a VM sets up a shared ring structure to share data efficiently. When the sharing module has been analyzed, the resulting call branches and information flows are as shown in Figure 3. The shared ring is the shared virtual resource between VMs, and the sending and receiving processes are located in different VMs. The processes operate in user space, and call the shared ring using hypercalls in Xen. Process $P_i$ in $DomU_i$ writes data into the shared ring and process $P_j$ reads data from it, which are expressed as follows,

$$P_i \odot \{\text{Share Ring}\} = \{\texttt{user\_write} \rightarrow \texttt{send\_request} \rightarrow \texttt{RING\_PUSH\_REQUESTS\_AND\_CHECK\_NOTIFY} \rightarrow \text{Shared Ring}\},$$

$$P_j \odot \{\text{Share Ring}\} = \{\texttt{user\_read} \leftarrow \texttt{get\_request} \leftarrow \texttt{RING\_GET\_REQUEST} \leftarrow \text{Shared Ring}\}.$$

At the same time, the information flow from $P_i$ to $P_j$ is expressed as

$$P_i \odot \{\text{Share Ring}\} \rightarrow P_j \odot \{\text{Share Ring}\}.$$

$P_i$ and $P_j$ send and receive data synchronously by sharing memory, which results in the flow of information from $P_i$ to $P_j$. Because the processes violate noninterference in Xen, a covert channel exists accompanying the overt channel (i.e. sharing memory). $P_i$ and $P_j$ are both malicious processes, and they predetermine how to express the message using different time intervals. $P_i$ sends the covert message by controlling the data sending time, and $P_j$ obtains the message by observing the data arrival time. The sensitive message can thus be transmitted from $P_i$ to $P_j$ covertly. This type of covert channel is named the Sharing Memory Covert Timing Channel in this paper.

IV. PERFORMANCE EVALUATION OF SMCTC

When a potential covert channel has been identified, a channel scenario must be constructed to determine whether it is a real covert channel. The threat of the channel is also evaluated in the scenario. The metrics used to evaluate channel performance are channel capacity and transmission accuracy, both of which must be analyzed [16].

Channel capacity and accuracy are critical to both attackers and protectors. For attackers, the goal is to find a way to employ a covert channel, and they expect that the covert message can be transmitted quickly and accurately. For protectors, the goal is to find the covert channels and handle them, and they usually insert noise to decrease the channel capacity and the decoding accuracy (e.g. limiting some operations or performing the same operations as the attackers) [18].

We implement SMCTC on a desktop computer with an Intel® Pentium D 3.00GHz CPU and 1.5GB main memory. The version of the Xen hypervisor is 4.0.0. We run Ubuntu Linux in each VM and allocate 128MB virtual memory to each VM. The programs used to send and receive the covert message are implemented in the C language.

A. Scenario Construction of SMCTC

Joon presents a scenario model which consists of a sender-receiver synchronization (S-R) period, a transmission period and a feedback period [34]. The sender notifies the receiver in the S-R period, and starts a new transmission after the feedback period. The sender and receiver predetermine the periods and repeat this cycle until the end of the transmission.

SMCTC uses shared memory structured as a shared ring to transmit the covert message. $P_i$ and $P_j$ cooperate in the producer and consumer model. $P_i$ puts data into the shared ring and notifies $P_j$. $P_j$ gets the data on interrupt, and records the arrival time. One bit of the covert message has been transmitted in this cycle. The channel scenario of SMCTC is shown in Figure 4. The explicit communication protocol is described as follows.

1) $P_i$ encodes the covert message into a binary string, and uses time intervals $T_0$ and $T_1$ to denote signals 0 and 1, where $T_1$ is longer than $T_0$ ($T_0 < T_1$).

2) $P_i$ sets up a shared ring structure with a grant table, and passes the grant reference to $P_j$.

3) $P_j$ maps the shared memory into its own address space.

4) $P_i$ encodes the covert message into the time intervals and inserts them into the sending times, and then sends the innocent data according to the intervals.

5) $P_j$ obtains the innocent data and records the time intervals on each interrupt.

6) When $P_i$ has sent all of the covert message, the remaining innocent data is sent continually.

7) $P_j$ receives all the innocent data and parses the intervals into a binary string, and then decodes it into the covert message. At last, $P_j$ unmaps the shared memory after the transmission.

8) $P_i$ revokes the grant reference, and the covert transmission is over.

In Figure 4, a covert message encoded as 10100 is transmitted using SMCTC. The sender modifies the sending times, and the receiver obtains them by judging the length of each interval. SMCTC is a covert timing channel; no data is modified during the transmission. Compared with a storage channel, SMCTC can bypass security systems such as firewalls, intrusion detection systems, etc.

Figure 4. SMCTC Transmission Scenario

B. Capacity Evaluation of SMCTC

To estimate the threat of a covert channel, capacity measurement is required by both the TCSEC [12] and CC [17], [35] criteria. Some other metrics, such as security level difference [36] and the small message criterion [37], [38], are also commonly used. For attackers, the goal is to transfer the covert message as fast as possible. Capacity is the amount of information transferred by the channel per unit time (bits per second). Formal and non-formal methods for calculating the capacity are presented by Millen and Tsai [18]. The accurate capacity can be obtained by calculation, experiment and mathematical analysis.

The capacity in this experiment is calculated as follows,

$$C = \frac{N(t)}{t} \ \text{bits/s},$$

where $N(t)$ is the amount of information transmitted in total time $t$. If the distributions of the signals 0 and 1 are $q_0$ and $q_1$, the transmitted time unit $T$ is represented as follows,

$$T = q_1 \times T_1 + q_0 \times T_0,$$

where the total transmission time $t$ includes $n$ cycles ($t = n \times T$), and

$$q_1 + q_0 = 1.$$

The values of $q_0$ and $q_1$ vary according to the encoding scheme adopted. In this paper, we adopt the ASCII scheme, and the distributions of the signals 0 and 1 are almost equal, meaning $q_0 = q_1 = 0.5$. If some other encoding scheme is adopted, the capacity will be affected. For more details about covert channel encoding schemes, please refer to [16].

SMCTC is a covert timing channel that uses the time intervals T0 and T1 to denote the signals 0 and 1. A string whose binary length is 360 bits was transferred 100 times. The capacity of SMCTC is shown in Figure 5 and Figure 6. In these figures, the x-axis is the time difference ∆T = T1 − T0, and the y-axis is the channel capacity.

In Figure 5, the range of ∆T is from 0.01s to 0.2s. The channel capacity decreases from 174.98 bits/s to 9.93 bits/s. The reason is that when ∆T increases, the average time unit T increases, and transferring one bit of information needs a longer time. Devices in VMs may want to share innocent data as fast as possible, so the intervals are expected to be correspondingly small. If the intervals are too big, the channel will be easy to detect. Capacity is higher with small intervals, which is obvious in Figure 6. There, the range of ∆T is from 0.001s to 0.02s, and the capacity decreases from 193 bits/s to 97.68 bits/s. The variation in Figure 6 is not monotonic, because ∆T is so small that other processes may affect the intervals.

Figure 5. SMCTC Capacity in Different T1 − T0

Figure 6. SMCTC Capacity in Different T1 − T0

C. Accuracy Evaluation of SMCTC

Accuracy is also a metric for evaluating channel performance. If the covert message cannot be decoded correctly, the obtained information is valueless. The channel accuracy is measured as the percentage of correctly received bits. Following Cabuk et al. [39], the edit distance [40], the minimum number of edits between two strings, is adopted to measure the accuracy.

The accuracy of the channel without interference is shown in Figure 7: the range of ∆T is from 0.01s to 0.2s and the error rate is under 2.0%. In this scenario, Pi and Pj share memory without interference. This is an ideal case, because ∆T is large enough for T0 and T1 to be differentiated easily. When ∆T increases, T0 and T1 are easier to differentiate and the error rate decreases. In cloud computing, other processes may run in VMs hosted on the same hardware as the malicious VMs. If these processes are CPU-load based, the ∆T of SMCTC will be interfered with and the error rate will increase. In the worst case, a third process Pk performs the same operation as Pi. The intervals obtained by Pj are then interfered with by Pk, and the error rate increases noticeably, as shown in Figure 8. Pk interrupts randomly every 1 to 10 seconds, and the error rate increases with the increase of ∆T.

Figure 7. SMCTC Accuracy in Different T1 − T0 without Interruption

Figure 8. SMCTC Accuracy in Different T1 − T0 with Interruption
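The accuracy metric of Section C and the interference case above, as an added example that is not the paper's code: a Levenshtein edit distance, the receiver's rule that an interval above the midpoint of T0 and T1 reads as 1, and a constructed 16-bit trace whose intervals are stretched at two positions to stand in for the interfering process Pk. T0 = 0.01s, T1 = 0.03s, the jitter and the disturbance size are all constructed values, not measurements from the paper.

```python
# Added example (not from the paper): measuring transmission accuracy of a
# timing-channel trace with edit distance, as Section C describes, and showing
# why edit distance rather than a position-by-position comparison is used.
# T0, T1, the bit string, jitter and "interference" pattern are constructed.

def edit_distance(a, b):
    """Levenshtein distance: minimum number of insertions, deletions and
    substitutions that turn string a into string b (two-row DP)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete ca
                           cur[j - 1] + 1,              # insert cb
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]


def positional_errors(a, b):
    """Naive comparison for contrast: mismatches at equal positions plus the
    length difference. One lost bit shifts everything after it."""
    return sum(x != y for x, y in zip(a, b)) + abs(len(a) - len(b))


def decode_intervals(intervals, t0, t1):
    """Receiver-side rule from the paper: an interval longer than the midpoint
    between T0 and T1 is read as 1, otherwise as 0."""
    threshold = (t0 + t1) / 2.0
    return "".join("1" if iv > threshold else "0" for iv in intervals)


def simulate_trace(bits, t0, t1, jitter=0.001):
    """Constructed trace: each bit becomes its nominal interval plus a small
    deterministic alternating jitter, standing in for ordinary scheduling noise."""
    return [(t1 if b == "1" else t0) + (jitter if i % 2 else -jitter)
            for i, b in enumerate(bits)]


def evaluate(bits, t0, t1, disturbed=(), extra=0.0):
    """Error rate = edit distance / sent length, optionally after a third
    process stretches the intervals at the given indices by `extra` seconds
    (a stand-in for the interfering process Pk in Section C)."""
    trace = simulate_trace(bits, t0, t1)
    for idx in disturbed:
        trace[idx] += extra
    received = decode_intervals(trace, t0, t1)
    return edit_distance(bits, received) / len(bits)


# Constructed 16-bit message: the ASCII codes of "He".
SENT = "".join(f"{ord(c):08b}" for c in "He")   # "0100100001100101"

if __name__ == "__main__":
    print("clean trace error rate:     ", evaluate(SENT, 0.01, 0.03))
    print("disturbed trace error rate: ", evaluate(SENT, 0.01, 0.03, (3, 7), 0.015))
    print("same disturbance, dT = 0.05:", evaluate(SENT, 0.01, 0.06, (3, 7), 0.015))
    dropped = SENT[:1] + SENT[2:]
    print("one lost bit, edit distance:", edit_distance(SENT, dropped))
    print("one lost bit, positional:   ", positional_errors(SENT, dropped))
```

Two points this shows. First, a single lost interval shifts every later bit, so a position-by-position comparison reports 9 errors for the 16-bit trace where the edit distance correctly reports 1; that is why the edit distance is the right accuracy measure for a timing channel. Second, a disturbance of fixed size flips a bit only when it pushes a T0 interval past (T0 + T1)/2, so the same 15 ms stretch that costs a 12.5% error rate at ∆T = 0.02s causes no error at ∆T = 0.05s, which is the threshold effect behind the falling error rate in the undisturbed case of Figure 7.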

D. Discussion

Thomas et al. [7] implement covert channels using memory bus and hard disk contention and obtain channel capacities of 0.006 bits/s and 0.0005 bits/s respectively. Okamura and Oyama [8] implement a CPU-load based channel and achieve 0.49 bits/s with no errors when there is no interference, and only a 10% error rate when interfered with by other processes. Compared with these covert channels, SMCTC has better performance, which means SMCTC poses a much greater threat.

We adopt the ASCII scheme to construct the scenario in SMCTC, and we assume that the distributions of the signals 0 and 1 are equal (q0 = q1 = 0.5). However, the distributions of the signals are not equal in some other encoding schemes, which will affect the channel capacity and accuracy [41]. [16] introduces a Huffman coding scheme into the network covert timing channel. In that scenario, the sender and receiver hold the same Huffman N-ary code book, and each Huffman code is represented as a packet interval. The capacity reaches 58.35 bits/s, a 250% increase compared with Cabuk's channel [21]. Sellke et al. present a complex timing channel based on a code book [42]. The main scheme is L-bits to n-packets, where n intervals (T1, T2, · · · , Tn) denote an L-bit binary string. When 9-bits to 3-packets is adopted, the capacity is about 37 bits/s. An error in decoding can only affect L bits of the signal.

In this paper, the capacity reaches 174.98 bits/s with a 2% error rate in the ASCII scheme. If some other, more complicated encoding scheme is adopted, SMCTC will pose an even greater threat to cloud computing.

V. CONCLUSION

Cloud computing has become more and more popular, and the privacy and security of virtualization are critical to both the cloud provider and its customers. Although the VMM isolates each domain, communication through the network or storage between the VMs is inevitable. VMs hosted on the same hardware platform share resources, and sensitive information can be leaked by covert channels. A covert channel is a side channel that accompanies the innocent communication between VMs.

In this paper, we have defined noninterference in Xen, and declared that an information leakage approach which violates the noninterference is a covert channel. To identify the covert channels, we compile the Xen source code into a BC file and search for the shared resources in this structured file. When the call branches are found, the information flows are tested to determine whether noninterference has been violated. Compared with other identification methods, our method is the first one used on Xen virtual machines. A covert channel, SMCTC, has been identified, and the corresponding scenario has been constructed.

SMCTC transmits the covert message through the sharing memory mechanism of the Xen VMM, and this memory mechanism is important for exchanging data between VMs. We evaluate the channel performance, including channel capacity and transmission accuracy, which are critical to both attackers and defenders. The capacity reaches 174.98 bits/s with a 2% error rate. Compared with the covert channels proposed in [7], [8], SMCTC poses a much greater threat.

ACKNOWLEDGMENT

We thank the anonymous reviewers for suggestions that led to improvements to this paper. This work is supported by the National Science and Technology Major Project No.2010ZX01036-001-002, the Knowledge Innovation Key Directional Program of Chinese Academy of Sciences under Grant No.KGCX2-YW-174 and the Grand Project of the Institute of Software Chinese Academy of Sciences No.YOCX285056.


REFERENCES

[1] P. Barham, B. Dragovic, K. Fraser, S. Hand, T. L. Harris, A. Ho, R. Neugebauer, I. Pratt, and A. Warfield, "Xen and the art of virtualization," in SOSP, 2003, pp. 164–177.

[2] K. Nance, M. Bishop, and B. Hay, "Virtual machine introspection: Observation or interference?" IEEE Security and Privacy, vol. 6, no. 5, pp. 32–37, 2008.

[3] "Amazon elastic compute cloud (ec2)," http://aws.amazon.com/ec2/.

[4] Z. Wang and X. Jiang, "Hypersafe: A lightweight approach to provide lifetime hypervisor control-flow integrity," in IEEE Symposium on Security and Privacy. IEEE Computer Society, 2010, pp. 380–395.

[5] B. D. Payne, R. Sailer, R. Caceres, R. Perez, and W. Lee, "A layered approach to simplified access control in virtualized systems," Operating Systems Review, vol. 41, no. 4, pp. 12–19, 2007.

[6] R. Sailer, T. Jaeger, E. Valdez, R. Caceres, R. Perez, S. Berger, J. L. Griffin, and L. van Doorn, "Building a MAC-based security architecture for the Xen open-source hypervisor," in ACSAC. IEEE Computer Society, 2005, pp. 276–285.

[7] T. Ristenpart, E. Tromer, H. Shacham, and S. Savage, "Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds," in CCS '09: Proceedings of the 16th ACM conference on Computer and communications security. New York, NY, USA: ACM, 2009, pp. 199–212.

[8] K. Okamura and Y. Oyama, "Load-based covert channels between Xen virtual machines," in SAC, 2010, pp. 173–180.

[9] Y. Chen, V. Paxson, and R. H. Katz, "What's new about cloud computing security?" EECS Department, University of California, Berkeley, Tech. Rep. UCB/EECS-2010-5, Jan 2010, http://www.eecs.berkeley.edu/Pubs/TechRpts/2010/EECS-2010-5.html.

[10] A. Aviram, S. Hu, B. Ford, and R. Gummadi, "Determinating timing channels in compute clouds," in CCSW '10: Proceedings of the 2010 ACM workshop on Cloud computing security workshop. New York, NY, USA: ACM, 2010, pp. 103–108.

[11] D. X. Song, D. Wagner, and X. Tian, "Timing analysis of keystrokes and timing attacks on SSH," in SSYM'01: Proceedings of the 10th conference on USENIX Security Symposium. Berkeley, CA, USA: USENIX Association, 2001, pp. 25–25.

[12] NCSC, "Trusted computer system evaluation criteria (orange book)," 1985.

[13] B. W. Lampson, "A note on the confinement problem," Commun. ACM, vol. 16, no. 10, pp. 613–615, 1973.

[14] J. K. Millen, "20 years of covert channel modeling and analysis," in IEEE Symposium on Security and Privacy, 1999, pp. 113–114.

[15] S. Zander, G. J. Armitage, and P. Branch, "A survey of covert channels and countermeasures in computer network protocols," IEEE Communications Surveys and Tutorials, vol. 9, no. 1-4, pp. 44–57, 2007.

[16] J. Wu, Y. Wang, L. Ding, and X. Liao, "Improving performance of network covert timing channel through Huffman coding," in The 2010 FTRA International Symposium on Advances in Cryptography, Security and Applications for Future Computing (ACSA 2010), Gwangju, Korea, December 2010.

[17] ISO/IEC, "Common criteria for information technology security evaluation," 2005.

[18] Y. Wang, J. Wu, L. Ding, and X. Liao, "Covert channel research," Journal of Software, vol. 21, no. 9, pp. 2262–2288, 2010.

[19] J. Wu, Y. Wang, L. Ding, and Y. Zhang, "Constructing scenario of event-flag covert channel in secure operating system," in 2nd International Conference on Information and Multimedia Technology (ICIMT 2010), Hong Kong, December 2010, pp. 371–375.

[20] R. A. Kemmerer, "Shared resource matrix methodology: An approach to identifying storage and timing channels," ACM Trans. Comput. Syst., vol. 1, no. 3, pp. 256–277, 1983.

[21] S. Cabuk, C. E. Brodley, and C. Shields, "IP covert channel detection," ACM Trans. Inf. Syst. Secur., vol. 12, no. 4, pp. 1–29, 2009.

[22] V. Berk, A. Giani, G. Cybenko, and N. Hanover, "Detection of covert channel encoding in network packet delays," Technical Report TR536, Dartmouth College, November 2005.

[23] B. D. Payne, M. Carbone, M. I. Sharif, and W. Lee, "Lares: An architecture for secure active monitoring using virtualization," in IEEE Symposium on Security and Privacy, 2008, pp. 233–247.

[24] A. M. Azab, P. Ning, Z. Wang, X. Jiang, X. Zhang, and N. C. Skalsky, "HyperSentry: enabling stealthy in-context measurement of hypervisor integrity," in ACM Conference on Computer and Communications Security, 2010, pp. 38–49.

[25] R. Lanotte, A. Maggiolo-Schettini, and A. Troina, "Time and probability-based information flow analysis," IEEE Transactions on Software Engineering, vol. 36, no. 5, pp. 719–734, 2010.

[26] J. Giles and B. Hajek, "An information-theoretic and game-theoretic study of timing channels," IEEE Transactions on Information Theory, vol. 48, no. 9, pp. 2455–2477, 2002.

[27] N. Nagatou and T. Watanabe, "Run-time detection of covert channels," in ARES, 2006, pp. 577–584.

[28] D. E. Denning, "A lattice model of secure information flow," Commun. ACM, vol. 19, no. 5, pp. 236–243, 1976.

[29] NCSC, "A guide to understanding covert channel analysis of trusted systems," 1993.

[30] C.-R. Tsai, V. D. Gligor, and C. S. Chandersekaran, "On the identification of covert storage channels in secure systems," IEEE Trans. Software Eng., vol. 16, no. 6, pp. 569–580, 1990.


[31] R. A. Kemmerer and P. A. Porras, "Covert flow trees: A visual approach to analyzing covert storage channels," IEEE Trans. Software Eng., vol. 17, no. 11, pp. 1166–1185, 1991.

[32] J. A. Goguen and J. Meseguer, "Security policies and security models," in IEEE Symposium on Security and Privacy, 1982, pp. 11–20.

[33] C. Lattner and V. S. Adve, "LLVM: A compilation framework for lifelong program analysis & transformation," in CGO, 2004, pp. 75–88.

[34] J. Son and J. Alves-Foss, "A formal framework for real-time information flow analysis," Comput. Secur., vol. 28, no. 6, pp. 421–432, 2009.

[35] H. Zeng, Y. Wang, L. Ruan, W. Zu, and J. Cai, "Covert channel mitigation method for secure real-time database using capacity metric," Journal on Communications, vol. 29, no. 8, pp. 46–56, 2008.

[36] Q. N. Ahmed and S. V. Vrbsky, "Maintaining security and timeliness in real-time database system," Journal of Systems and Software, vol. 61, no. 1, pp. 15–29, 2002.

[37] H. Zeng, Y. Wang, W. Zu, J. Cai, and L. Ruan, "New definition of small message criterion and its application in transaction covert channel mitigating," Journal of Software, vol. 20, no. 4, pp. 985–996, 2009.

[38] I. Moskowitz and M. Kang, "Covert channels: here to stay?" in Computer Assurance, 1994. COMPASS '94 Safety, Reliability, Fault Tolerance, Concurrency and Real Time, Security. Proceedings of the Ninth Annual Conference on, Jun–1 Jul 1994, pp. 235–243.

[39] S. Cabuk, C. E. Brodley, and C. Shields, "IP covert timing channels: design and detection," in ACM Conference on Computer and Communications Security, 2004, pp. 178–187.

[40] E. S. Ristad and P. N. Yianilos, "Learning string-edit distance," IEEE Trans. Pattern Anal. Mach. Intell., vol. 20, no. 5, pp. 522–532, 1998.

[41] L. Yao, X. Zi, L. Pan, and J. Li, "A study of on/off timing channel based on packet delay distribution," Computers & Security, vol. 28, no. 8, pp. 785–794, 2009.

[42] S. H. Sellke, C.-C. Wang, S. Bagchi, and N. B. Shroff, "TCP/IP timing channels: Theory to implementation," in INFOCOM, 2009, pp. 2204–2212.
