SlideShare ist ein Scribd-Unternehmen logo

600.412.Lecture03

R
ragibhasan

CS 600.412 Security and Privacy in Cloud Computing

1 von 25
Security and Privacy in Cloud Computing Ragib HasanJohns Hopkins Universityen.600.412 Spring 2010 Lecture 3 02/15/2010
Mapping/topology Attacks 2/15/2010 Lecture Goal ,[object Object]
Discuss different techniques and mitigation strategies
Analyze the practicality and impactReading: Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds, Ristenpart et al., CCS 2009 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 2
Why Cloud Computing brings new threats? Traditional system security mostly means keeping bad guys out The attacker needs to either compromise the auth/access control system, or impersonate existing users 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 3
Why Cloud Computing brings new threats? But clouds allow co-tenancy : Multiple independent users share the same physical infrastructure So, an attacker can legitimately be in the same physical machine as the target 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 4
Challenges for the attacker How to find out where the target is located How to be co-located with the target in the same (physical) machine How to gather information about the target 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 5
Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds, Ristenpart et al., CCS 2009 First work on cloud cartography Attack launched against commercially available “real” cloud (Amazon EC2) Claims up to 40% success in co-residence with target VM 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 6
Strategy Map the cloud infrastructure to find where the target is located Use various heuristics to determine co-residency of two VMs Launch probe VMs trying to be co-resident with target VMs Exploit cross-VM leakage to gather info about target 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 7
Threat model Attacker model Cloud infrastructure provider is trustworthy Cloud insiders are trustworthy Attacker is a malicious third party who can legitimately the cloud provider as a client Assets Confidentiality aware services run on cloud Availability of services run on cloud 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 8
Tools of the trade Nmap, hping, wget for network probing Amazon EC2’s own DNS to map dns names to IPs 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 9
Sidenote: EC2 configuration EC2 uses Xen, with up to 8 instances per physical machine 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 10 Dom0 is the first instance on the machine, connected to physical adapter All other instances route to external world via dom0 [Figures from Xen Wiki]
Task 1: Mapping the cloud Reverse engineering the VM placement schemes provides useful heuristics about EC2’s strategy 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 11 Different availability zones use different IP regions. Each instance has one internal IP and one external IP. Both are static. For example: External IP: 75.101.210.100 External Name: ec2-75-101-210-100.computer-1.amazonaws.com Internal IP: 10.252.146.52 Internal Name: domU-12-31-38-00-8D-C6.computer-1.internal
Task 1: Mapping the Cloud 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 12 Finding: same instance type within the same zone= similar IP regions Reverse engineered mapping decision heuristic: A /24 inherits any included sampled instance type. A /24 containing a Dom0 IP address only contains Dom0 IP address. All /24’s between two consecutive Dom0 /24’s inherit the former’s associated type.
Task #2: Determining co-residence Co-residence: Check to determine if a given VM is placed in the same physical machine as another VM Network based check: Match Dom0 IP addresses, check packet RTT, close IP addresses (within 7, since each machine has 8 VMs at most) Traceroute provides Dom0 of target No false positives found during experiments 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 13
Task #3: Making a probe VM co-resident with target VM Brute force scheme Idea: figure out target’s availability zone and type Launch many probe instances in the same area Success rate: 8.4% 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 14
Task #3: Making a probe VM co-resident with target VM Smarter strategy: utilize locality Idea: VM instances launched right after target are likely to be co-resident with the target Paper claims 40% success rate 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 15
Task #3: Making a probe VM co-resident with target VM 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 16 Window of opportunity is quite large, measured in days
Task #4: Gather leaked information Now that the VM is co-resident with target, what can it do? Gather information via side channels Perform DoS 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 17
Task 4.1: Gathering information If VM’s are separated and secure, the best the attacker can do is to gather information Measure latency of cache loads Use that to determine Co-residence Traffic rates Keystroke timing 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 18
Mitigation strategies #1: Mapping Use a randomized scheme to allocate IP addresses Block some tools (nmap, traceroute) 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 19
Mitigation strategies #2: Co-residence checks Prevent traceroute (i.e., prevent identification of dom0) 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 20
Mitigation strategies #3: Co-location Not allow co-residence at all Beneficial for cloud user Not efficient for cloud provider 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 21
Mitigation strategies #4: Information leakage Prevent cache load attacks? 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 22
Discussion How is the problem different from other attacks? What’s so special about clouds? 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 23

Empfohlen

Homomorphic encryption in cloud computing final
Homomorphic encryption in cloud computing finalHomomorphic encryption in cloud computing final
Homomorphic encryption in cloud computing finalSantanu Das Saan
 
Homomorphic encryption on Blockchain Principles
Homomorphic encryption on Blockchain PrinciplesHomomorphic encryption on Blockchain Principles
Homomorphic encryption on Blockchain PrinciplesJohann Höchtl
 
Homomorphic encryption
Homomorphic encryptionHomomorphic encryption
Homomorphic encryptionNamit Sinha
 
A Survey of the Homomorphic Encryption Approach for Data Security in Cloud Co...
A Survey of the Homomorphic Encryption Approach for Data Security in Cloud Co...A Survey of the Homomorphic Encryption Approach for Data Security in Cloud Co...
A Survey of the Homomorphic Encryption Approach for Data Security in Cloud Co...Patel Dasharathbhai
 
Overview of IP traceback mechanism
Overview of IP traceback mechanismOverview of IP traceback mechanism
Overview of IP traceback mechanismibnu mubarok
 
Homomorphic Encryption
Homomorphic EncryptionHomomorphic Encryption
Homomorphic EncryptionVipin Tejwani
 
Passive ip traceback disclosing the locations of ip spoofers from path backsc...
Passive ip traceback disclosing the locations of ip spoofers from path backsc...Passive ip traceback disclosing the locations of ip spoofers from path backsc...
Passive ip traceback disclosing the locations of ip spoofers from path backsc...Pvrtechnologies Nellore
 
PASSIVE IP TRACEBACK: DISCLOSING THE LOCATIONS OF IP SPOOFERS FROM PATH BACKS...
PASSIVE IP TRACEBACK: DISCLOSING THE LOCATIONS OF IP SPOOFERS FROM PATH BACKS...PASSIVE IP TRACEBACK: DISCLOSING THE LOCATIONS OF IP SPOOFERS FROM PATH BACKS...
PASSIVE IP TRACEBACK: DISCLOSING THE LOCATIONS OF IP SPOOFERS FROM PATH BACKS...I3E Technologies
 

Empfohlen

Homomorphic encryption in cloud computing final
Homomorphic encryption in cloud computing finalHomomorphic encryption in cloud computing final
Homomorphic encryption in cloud computing finalSantanu Das Saan
 
Homomorphic encryption on Blockchain Principles
Homomorphic encryption on Blockchain PrinciplesHomomorphic encryption on Blockchain Principles
Homomorphic encryption on Blockchain PrinciplesJohann Höchtl
 
Homomorphic encryption
Homomorphic encryptionHomomorphic encryption
Homomorphic encryptionNamit Sinha
 
A Survey of the Homomorphic Encryption Approach for Data Security in Cloud Co...
A Survey of the Homomorphic Encryption Approach for Data Security in Cloud Co...A Survey of the Homomorphic Encryption Approach for Data Security in Cloud Co...
A Survey of the Homomorphic Encryption Approach for Data Security in Cloud Co...Patel Dasharathbhai
 
Overview of IP traceback mechanism
Overview of IP traceback mechanismOverview of IP traceback mechanism
Overview of IP traceback mechanismibnu mubarok
 
Homomorphic Encryption
Homomorphic EncryptionHomomorphic Encryption
Homomorphic EncryptionVipin Tejwani
 
Passive ip traceback disclosing the locations of ip spoofers from path backsc...
Passive ip traceback disclosing the locations of ip spoofers from path backsc...Passive ip traceback disclosing the locations of ip spoofers from path backsc...
Passive ip traceback disclosing the locations of ip spoofers from path backsc...Pvrtechnologies Nellore
 
PASSIVE IP TRACEBACK: DISCLOSING THE LOCATIONS OF IP SPOOFERS FROM PATH BACKS...
PASSIVE IP TRACEBACK: DISCLOSING THE LOCATIONS OF IP SPOOFERS FROM PATH BACKS...PASSIVE IP TRACEBACK: DISCLOSING THE LOCATIONS OF IP SPOOFERS FROM PATH BACKS...
PASSIVE IP TRACEBACK: DISCLOSING THE LOCATIONS OF IP SPOOFERS FROM PATH BACKS...I3E Technologies
 
600.412.Lecture02
600.412.Lecture02600.412.Lecture02
600.412.Lecture02ragibhasan
 
600.412.Lecture05
600.412.Lecture05600.412.Lecture05
600.412.Lecture05ragibhasan
 
6620handout4o
6620handout4o6620handout4o
6620handout4oShahbaz Sidhu
 
Hey, you, get off of my cloud exploring information leakage in third party c...
Hey, you, get off of my cloud exploring information leakage in third party c...Hey, you, get off of my cloud exploring information leakage in third party c...
Hey, you, get off of my cloud exploring information leakage in third party c...Fahad Ameen
 
A Collaborative Intrusion Detection System for Cloud Computing
A Collaborative Intrusion Detection System for Cloud ComputingA Collaborative Intrusion Detection System for Cloud Computing
A Collaborative Intrusion Detection System for Cloud Computingijsrd.com
 
Ijsrdv1 i4019
Ijsrdv1 i4019Ijsrdv1 i4019
Ijsrdv1 i4019ijsrd.com
 
G017424448
G017424448G017424448
G017424448IOSR Journals
 
Formative Task 3: Social Engineering Attacks
Formative Task 3: Social Engineering AttacksFormative Task 3: Social Engineering Attacks
Formative Task 3: Social Engineering AttacksDamaineFranklinMScBE
 
Protecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperProtecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperShakas Technologies
 
Protecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperProtecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperShakas Technologies
 
Paper id 41201622
Paper id 41201622Paper id 41201622
Paper id 41201622IJRAT
 
6620handout4t
6620handout4t6620handout4t
6620handout4tShahbaz Sidhu
 
The EternalBlue Exploit: how it works and affects systems
The EternalBlue Exploit: how it works and affects systemsThe EternalBlue Exploit: how it works and affects systems
The EternalBlue Exploit: how it works and affects systemsAndrea Bissoli
 
DDOS DETECTION IN SOFTWARE-DEFINED NETWORK (SDN) USING MACHINE LEARNING
DDOS DETECTION IN SOFTWARE-DEFINED NETWORK (SDN) USING MACHINE LEARNINGDDOS DETECTION IN SOFTWARE-DEFINED NETWORK (SDN) USING MACHINE LEARNING
DDOS DETECTION IN SOFTWARE-DEFINED NETWORK (SDN) USING MACHINE LEARNINGIJCI JOURNAL
 
Cloud computing and utility computing
Cloud computing and utility computingCloud computing and utility computing
Cloud computing and utility computingasmita tarar
 
DDoS Attack Detection on Internet o Things using Unsupervised Algorithms
DDoS Attack Detection on Internet o Things using Unsupervised AlgorithmsDDoS Attack Detection on Internet o Things using Unsupervised Algorithms
DDoS Attack Detection on Internet o Things using Unsupervised Algorithmsijfls
 
DDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMS
DDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMSDDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMS
DDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMSijfls
 
A Survey: DDOS Attack on Internet of Things
A Survey: DDOS Attack on Internet of ThingsA Survey: DDOS Attack on Internet of Things
A Survey: DDOS Attack on Internet of ThingsIJERD Editor
 
DATA SECURITY IN CLOUD USING BLOWFISH ALGORITHM
DATA SECURITY IN CLOUD USING BLOWFISH ALGORITHMDATA SECURITY IN CLOUD USING BLOWFISH ALGORITHM
DATA SECURITY IN CLOUD USING BLOWFISH ALGORITHMijsrd.com
 
Project
ProjectProject
Projectblueash1198
 
Dw bobs-shikkhok
Dw bobs-shikkhokDw bobs-shikkhok
Dw bobs-shikkhokragibhasan
 
Security and Privacy in Cloud Computing - a High-level view
Security and Privacy in Cloud Computing - a High-level viewSecurity and Privacy in Cloud Computing - a High-level view
Security and Privacy in Cloud Computing - a High-level viewragibhasan
 

Weitere ähnliche Inhalte

Ähnlich wie 600.412.Lecture03

600.412.Lecture02
600.412.Lecture02600.412.Lecture02
600.412.Lecture02ragibhasan
 
600.412.Lecture05
600.412.Lecture05600.412.Lecture05
600.412.Lecture05ragibhasan
 
Hey, you, get off of my cloud exploring information leakage in third party c...
Hey, you, get off of my cloud exploring information leakage in third party c...Hey, you, get off of my cloud exploring information leakage in third party c...
Hey, you, get off of my cloud exploring information leakage in third party c...Fahad Ameen
 
A Collaborative Intrusion Detection System for Cloud Computing
A Collaborative Intrusion Detection System for Cloud ComputingA Collaborative Intrusion Detection System for Cloud Computing
A Collaborative Intrusion Detection System for Cloud Computingijsrd.com
 
Ijsrdv1 i4019
Ijsrdv1 i4019Ijsrdv1 i4019
Ijsrdv1 i4019ijsrd.com
 
Formative Task 3: Social Engineering Attacks
Formative Task 3: Social Engineering AttacksFormative Task 3: Social Engineering Attacks
Formative Task 3: Social Engineering AttacksDamaineFranklinMScBE
 
Protecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperProtecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperShakas Technologies
 
Protecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperProtecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperShakas Technologies
 
Paper id 41201622
Paper id 41201622Paper id 41201622
Paper id 41201622IJRAT
 
The EternalBlue Exploit: how it works and affects systems
The EternalBlue Exploit: how it works and affects systemsThe EternalBlue Exploit: how it works and affects systems
The EternalBlue Exploit: how it works and affects systemsAndrea Bissoli
 
DDOS DETECTION IN SOFTWARE-DEFINED NETWORK (SDN) USING MACHINE LEARNING
DDOS DETECTION IN SOFTWARE-DEFINED NETWORK (SDN) USING MACHINE LEARNINGDDOS DETECTION IN SOFTWARE-DEFINED NETWORK (SDN) USING MACHINE LEARNING
DDOS DETECTION IN SOFTWARE-DEFINED NETWORK (SDN) USING MACHINE LEARNINGIJCI JOURNAL
 
Cloud computing and utility computing
Cloud computing and utility computingCloud computing and utility computing
Cloud computing and utility computingasmita tarar
 
DDoS Attack Detection on Internet o Things using Unsupervised Algorithms
DDoS Attack Detection on Internet o Things using Unsupervised AlgorithmsDDoS Attack Detection on Internet o Things using Unsupervised Algorithms
DDoS Attack Detection on Internet o Things using Unsupervised Algorithmsijfls
 
DDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMS
DDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMSDDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMS
DDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMSijfls
 
A Survey: DDOS Attack on Internet of Things
A Survey: DDOS Attack on Internet of ThingsA Survey: DDOS Attack on Internet of Things
A Survey: DDOS Attack on Internet of ThingsIJERD Editor
 
DATA SECURITY IN CLOUD USING BLOWFISH ALGORITHM
DATA SECURITY IN CLOUD USING BLOWFISH ALGORITHMDATA SECURITY IN CLOUD USING BLOWFISH ALGORITHM
DATA SECURITY IN CLOUD USING BLOWFISH ALGORITHMijsrd.com
 

Ähnlich wie 600.412.Lecture03 (20)

600.412.Lecture02
600.412.Lecture02600.412.Lecture02
600.412.Lecture02
 
600.412.Lecture05
600.412.Lecture05600.412.Lecture05
600.412.Lecture05
 
6620handout4o
6620handout4o6620handout4o
6620handout4o
 
Hey, you, get off of my cloud exploring information leakage in third party c...
Hey, you, get off of my cloud exploring information leakage in third party c...Hey, you, get off of my cloud exploring information leakage in third party c...
Hey, you, get off of my cloud exploring information leakage in third party c...
 
A Collaborative Intrusion Detection System for Cloud Computing
A Collaborative Intrusion Detection System for Cloud ComputingA Collaborative Intrusion Detection System for Cloud Computing
A Collaborative Intrusion Detection System for Cloud Computing
 
Ijsrdv1 i4019
Ijsrdv1 i4019Ijsrdv1 i4019
Ijsrdv1 i4019
 
G017424448
G017424448G017424448
G017424448
 
Formative Task 3: Social Engineering Attacks
Formative Task 3: Social Engineering AttacksFormative Task 3: Social Engineering Attacks
Formative Task 3: Social Engineering Attacks
 
Protecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperProtecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropper
 
Protecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperProtecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropper
 
Paper id 41201622
Paper id 41201622Paper id 41201622
Paper id 41201622
 
6620handout4t
6620handout4t6620handout4t
6620handout4t
 
The EternalBlue Exploit: how it works and affects systems
The EternalBlue Exploit: how it works and affects systemsThe EternalBlue Exploit: how it works and affects systems
The EternalBlue Exploit: how it works and affects systems
 
DDOS DETECTION IN SOFTWARE-DEFINED NETWORK (SDN) USING MACHINE LEARNING
DDOS DETECTION IN SOFTWARE-DEFINED NETWORK (SDN) USING MACHINE LEARNINGDDOS DETECTION IN SOFTWARE-DEFINED NETWORK (SDN) USING MACHINE LEARNING
DDOS DETECTION IN SOFTWARE-DEFINED NETWORK (SDN) USING MACHINE LEARNING
 
Cloud computing and utility computing
Cloud computing and utility computingCloud computing and utility computing
Cloud computing and utility computing
 
DDoS Attack Detection on Internet o Things using Unsupervised Algorithms
DDoS Attack Detection on Internet o Things using Unsupervised AlgorithmsDDoS Attack Detection on Internet o Things using Unsupervised Algorithms
DDoS Attack Detection on Internet o Things using Unsupervised Algorithms
 
DDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMS
DDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMSDDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMS
DDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMS
 
A Survey: DDOS Attack on Internet of Things
A Survey: DDOS Attack on Internet of ThingsA Survey: DDOS Attack on Internet of Things
A Survey: DDOS Attack on Internet of Things
 
DATA SECURITY IN CLOUD USING BLOWFISH ALGORITHM
DATA SECURITY IN CLOUD USING BLOWFISH ALGORITHMDATA SECURITY IN CLOUD USING BLOWFISH ALGORITHM
DATA SECURITY IN CLOUD USING BLOWFISH ALGORITHM
 
Project
ProjectProject
Project
 

Mehr von ragibhasan

Dw bobs-shikkhok
Dw bobs-shikkhokDw bobs-shikkhok
Dw bobs-shikkhokragibhasan
 
Security and Privacy in Cloud Computing - a High-level view
Security and Privacy in Cloud Computing - a High-level viewSecurity and Privacy in Cloud Computing - a High-level view
Security and Privacy in Cloud Computing - a High-level viewragibhasan
 
600.412.Lecture07
600.412.Lecture07600.412.Lecture07
600.412.Lecture07ragibhasan
 
600.412.Lecture06
600.412.Lecture06600.412.Lecture06
600.412.Lecture06ragibhasan
 
600.412.Lecture08
600.412.Lecture08600.412.Lecture08
600.412.Lecture08ragibhasan
 
Fake Picassos, Tampered History, and Digital Forgery: Protecting the Genealog...
Fake Picassos, Tampered History, and Digital Forgery: Protecting the Genealog...Fake Picassos, Tampered History, and Digital Forgery: Protecting the Genealog...
Fake Picassos, Tampered History, and Digital Forgery: Protecting the Genealog...ragibhasan
 
Lecture01: Introduction to Security and Privacy in Cloud Computing
Lecture01: Introduction to Security and Privacy in Cloud ComputingLecture01: Introduction to Security and Privacy in Cloud Computing
Lecture01: Introduction to Security and Privacy in Cloud Computingragibhasan
 

Mehr von ragibhasan (7)

Dw bobs-shikkhok
Dw bobs-shikkhokDw bobs-shikkhok
Dw bobs-shikkhok
 
Security and Privacy in Cloud Computing - a High-level view
Security and Privacy in Cloud Computing - a High-level viewSecurity and Privacy in Cloud Computing - a High-level view
Security and Privacy in Cloud Computing - a High-level view
 
600.412.Lecture07
600.412.Lecture07600.412.Lecture07
600.412.Lecture07
 
600.412.Lecture06
600.412.Lecture06600.412.Lecture06
600.412.Lecture06
 
600.412.Lecture08
600.412.Lecture08600.412.Lecture08
600.412.Lecture08
 
Fake Picassos, Tampered History, and Digital Forgery: Protecting the Genealog...
Fake Picassos, Tampered History, and Digital Forgery: Protecting the Genealog...Fake Picassos, Tampered History, and Digital Forgery: Protecting the Genealog...
Fake Picassos, Tampered History, and Digital Forgery: Protecting the Genealog...
 
Lecture01: Introduction to Security and Privacy in Cloud Computing
Lecture01: Introduction to Security and Privacy in Cloud ComputingLecture01: Introduction to Security and Privacy in Cloud Computing
Lecture01: Introduction to Security and Privacy in Cloud Computing
 

600.412.Lecture03

  • 1. Security and Privacy in Cloud Computing Ragib HasanJohns Hopkins Universityen.600.412 Spring 2010 Lecture 3 02/15/2010
  • 2.
  • 3. Discuss different techniques and mitigation strategies
  • 4. Analyze the practicality and impactReading: Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds, Ristenpart et al., CCS 2009 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 2
  • 5. Why Cloud Computing brings new threats? Traditional system security mostly means keeping bad guys out The attacker needs to either compromise the auth/access control system, or impersonate existing users 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 3
  • 6. Why Cloud Computing brings new threats? But clouds allow co-tenancy : Multiple independent users share the same physical infrastructure So, an attacker can legitimately be in the same physical machine as the target 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 4
  • 7. Challenges for the attacker How to find out where the target is located How to be co-located with the target in the same (physical) machine How to gather information about the target 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 5
  • 8. Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds, Ristenpart et al., CCS 2009 First work on cloud cartography Attack launched against commercially available “real” cloud (Amazon EC2) Claims up to 40% success in co-residence with target VM 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 6
  • 9. Strategy Map the cloud infrastructure to find where the target is located Use various heuristics to determine co-residency of two VMs Launch probe VMs trying to be co-resident with target VMs Exploit cross-VM leakage to gather info about target 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 7
  • 10. Threat model Attacker model Cloud infrastructure provider is trustworthy Cloud insiders are trustworthy Attacker is a malicious third party who can legitimately the cloud provider as a client Assets Confidentiality aware services run on cloud Availability of services run on cloud 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 8
  • 11. Tools of the trade Nmap, hping, wget for network probing Amazon EC2’s own DNS to map dns names to IPs 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 9
  • 12. Sidenote: EC2 configuration EC2 uses Xen, with up to 8 instances per physical machine 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 10 Dom0 is the first instance on the machine, connected to physical adapter All other instances route to external world via dom0 [Figures from Xen Wiki]
  • 13. Task 1: Mapping the cloud Reverse engineering the VM placement schemes provides useful heuristics about EC2’s strategy 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 11 Different availability zones use different IP regions. Each instance has one internal IP and one external IP. Both are static. For example: External IP: 75.101.210.100 External Name: ec2-75-101-210-100.computer-1.amazonaws.com Internal IP: 10.252.146.52 Internal Name: domU-12-31-38-00-8D-C6.computer-1.internal
  • 14. Task 1: Mapping the Cloud 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 12 Finding: same instance type within the same zone= similar IP regions Reverse engineered mapping decision heuristic: A /24 inherits any included sampled instance type. A /24 containing a Dom0 IP address only contains Dom0 IP address. All /24’s between two consecutive Dom0 /24’s inherit the former’s associated type.
  • 15. Task #2: Determining co-residence Co-residence: Check to determine if a given VM is placed in the same physical machine as another VM Network based check: Match Dom0 IP addresses, check packet RTT, close IP addresses (within 7, since each machine has 8 VMs at most) Traceroute provides Dom0 of target No false positives found during experiments 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 13
  • 16. Task #3: Making a probe VM co-resident with target VM Brute force scheme Idea: figure out target’s availability zone and type Launch many probe instances in the same area Success rate: 8.4% 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 14
  • 17. Task #3: Making a probe VM co-resident with target VM Smarter strategy: utilize locality Idea: VM instances launched right after target are likely to be co-resident with the target Paper claims 40% success rate 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 15
  • 18. Task #3: Making a probe VM co-resident with target VM 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 16 Window of opportunity is quite large, measured in days
  • 19. Task #4: Gather leaked information Now that the VM is co-resident with target, what can it do? Gather information via side channels Perform DoS 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 17
  • 20. Task 4.1: Gathering information If VM’s are separated and secure, the best the attacker can do is to gather information Measure latency of cache loads Use that to determine Co-residence Traffic rates Keystroke timing 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 18
  • 21. Mitigation strategies #1: Mapping Use a randomized scheme to allocate IP addresses Block some tools (nmap, traceroute) 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 19
  • 22. Mitigation strategies #2: Co-residence checks Prevent traceroute (i.e., prevent identification of dom0) 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 20
  • 23. Mitigation strategies #3: Co-location Not allow co-residence at all Beneficial for cloud user Not efficient for cloud provider 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 21
  • 24. Mitigation strategies #4: Information leakage Prevent cache load attacks? 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 22
  • 25. Discussion How is the problem different from other attacks? What’s so special about clouds? 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 23
  • 26. Discussion Cons Are the side channels *really* effective? 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 24
  • 27. 2/15/2010 25 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan Further Reading Amazon downplays report highlighting vulnerabilities in its cloud service Hypothetical example described in report much harder to pull off in reality, company saysTechWorld, Oct 29, 2009. http://bit.ly/dvxEZp