techtalk leaks and side channels
DESCRIPTION
TechTalk Leaks and Side Channels. By: Piotr T. Zbiegiel. Title and Content Layout with List. Add your first bullet point here Add your second bullet point here Add your third bullet point here. What are Leaks?. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: TechTalk Leaks and Side Channels](https://reader036.vdocument.in/reader036/viewer/2022062721/5681369a550346895d9e3390/html5/thumbnails/1.jpg)
TechTalkLeaks and Side ChannelsBy: Piotr T. Zbiegiel
![Page 2: TechTalk Leaks and Side Channels](https://reader036.vdocument.in/reader036/viewer/2022062721/5681369a550346895d9e3390/html5/thumbnails/2.jpg)
Title and Content Layout with List• Add your first bullet point here
• Add your second bullet point here
• Add your third bullet point here
![Page 3: TechTalk Leaks and Side Channels](https://reader036.vdocument.in/reader036/viewer/2022062721/5681369a550346895d9e3390/html5/thumbnails/3.jpg)
What are Leaks?• In a virtual system a leak occurs anytime an attacker receives
information to which they would not normally have access.
• There are two types of leaks:
• Direct leaks in which an attack gets access to underlying network, storage, or memory
• Indirect attacks where the attacker can glean information about other tenants or the underlying system. This is termed a side-channel attack.
![Page 4: TechTalk Leaks and Side Channels](https://reader036.vdocument.in/reader036/viewer/2022062721/5681369a550346895d9e3390/html5/thumbnails/4.jpg)
Side Channels• The term side channel is normally tied to a type of attack against
cryptographic systems.
• Rather than attacking a cryptosystem head-on the attacker attempts to learn details of the encrypted message or key by indirect means.
![Page 5: TechTalk Leaks and Side Channels](https://reader036.vdocument.in/reader036/viewer/2022062721/5681369a550346895d9e3390/html5/thumbnails/5.jpg)
Example: Network Hustle• The book describes an attack on a Xen
hypervisor where the attacker steals the IP address of a cotenant.
• This is accomplished by adding a new IP to the virtual network interface of Evil VM that is the same as Target VM.
• The hypervisor accepts the networking change and begins passing traffic to Evil VM instead of the correct recipient.
• Evil VM now has access to all traffic headed to the target.
Target VM
Evil VM
Hypervisor
10.0.0.1
10.0.0.2 10.0.0
.2
![Page 6: TechTalk Leaks and Side Channels](https://reader036.vdocument.in/reader036/viewer/2022062721/5681369a550346895d9e3390/html5/thumbnails/6.jpg)
Virtual MITM• The preceding example attack can be mitigated by configuring
some simple layer 2 filtering rules on the hypervisor.
• Simple and yet we can’t assume the protection is in place.
• Attacks like this are a great reminder of the risks inherent in sharing network paths with guest VMs.
• Make sure a cloud system has dedicated management and storage networks so it can avoid sending that traffic on paths shared with virtual machines.
![Page 7: TechTalk Leaks and Side Channels](https://reader036.vdocument.in/reader036/viewer/2022062721/5681369a550346895d9e3390/html5/thumbnails/7.jpg)
Variety of Virtualization Attacks• 2010 IBM paper showed rise in vulnerabilities and exploits against
virtualization platforms. They identified 6 types of vulnerabilities:
1. Attacks against management console.
2. Attacks against management service with rights on the hypervisors.
3. Attacks against administrative VMs.
4. Attacks against guest VMs.
5. Attacks against the hypervisor.
6. Hypervisor escape.
• So where are side-channel attacks?
![Page 8: TechTalk Leaks and Side Channels](https://reader036.vdocument.in/reader036/viewer/2022062721/5681369a550346895d9e3390/html5/thumbnails/8.jpg)
Hey, You, Get Off of My Cloud
![Page 9: TechTalk Leaks and Side Channels](https://reader036.vdocument.in/reader036/viewer/2022062721/5681369a550346895d9e3390/html5/thumbnails/9.jpg)
Detecting Co-tenancy
![Page 10: TechTalk Leaks and Side Channels](https://reader036.vdocument.in/reader036/viewer/2022062721/5681369a550346895d9e3390/html5/thumbnails/10.jpg)
Forcing Co-Tenancy
![Page 11: TechTalk Leaks and Side Channels](https://reader036.vdocument.in/reader036/viewer/2022062721/5681369a550346895d9e3390/html5/thumbnails/11.jpg)
Avoiding Co-Tenancy
![Page 12: TechTalk Leaks and Side Channels](https://reader036.vdocument.in/reader036/viewer/2022062721/5681369a550346895d9e3390/html5/thumbnails/12.jpg)
Conclusion