计算机科学 ›› 2017, Vol. 44 ›› Issue (5): 105-110.doi: 10.11896/j.issn.1002-137X.2017.05.019
何佩聪,黄汝维,陈宁江,赵搏文,刘洋
HE Pei-cong, HUANG Ru-wei, CHEN Ning-jiang, ZHAO Bo-wen and LIU Yang
摘要: 云计算具有使用便捷、可按需定制服务、优化资源利用等特点,成为提供外包服务的主要计算模式。云环境中的虚拟机侧通道攻击是云计算的主要潜在威胁之一,同驻是云环境中侧通道攻击的前提。针对如何在多租户云环境下进行同驻检测,提出基于链式结构的Prime-Probe测量cache负载方法MCLPPLS和针对云环境噪声复杂多变问题的实时噪声分析机制RTNAM。结合MCLPPLS与RTNAM提出一种新型的同驻检测分析方法。实验表明,该方法能减少突发噪声对同驻检测的干扰,有较高的同驻检测正确率及较低的同驻检测时耗,表现出良好的性能。
| [1] CHEN K,ZHENG W M.Cloud Computing:System Instances and Current Research[J].Journal of Software,2009,20(5):1337-1348.(in Chinese) 陈康,郑纬民.云计算:系统实例与研究现状[J].软件学报,2009,20(5):1337-1348. [2] RISTENPART T,TROMER E,SHACHAM H,et al.Hey,you,get off of my cloud:exploring information leakage in third-party compute clouds[C]∥ACM Conference on Computer and Communications Securtty(CCS 2009).2009:199-212. [3] ZHANG Y,JUELS A,OPREA A,et al.HomeAlone:Co-residency Detection in the Cloud via Side-Channel Analysis[C]∥Security and Privacy.IEEE,2011:313-328. [4] ZHANG Y,JUELS A,REITER M K,et al.Cross-VM sidechannels and their use to extract private keys[C]∥ACM Conference on Computer and Communications Security.2012:305-316. [5] KOCHER P C.Timing Attacks on Implementations of Diffie-Hellman,RSA,DSS,and Other Systems[C]∥International Cryptology Conference on Advances in Cryptology.1996:104-113. [6] PERCIVAL C.Cache missing for fun and profit[J].Proc of Bsdcan,2005. [7] ACIIMEZ O.Yet another microarchitectural attack:exploiting I-cache[C]∥Proceedings of the 2007 ACM Workshop on Computer Security Architecture.ACM,2007:11-18. [8] ACIIMEZ O,BRUMLEY B B,GRABHER P.New results on instruction cache attacks[C]∥International Conference on Cryptographic Hardware & Embedded Systems.2010:110-124. [9] ACIIMEZ O,ETINKAYA K, SEIFERT J P.On the Power of Simple Branch Prediction Analysis[C]∥2007 ACM Sympo-sium on Information,Computer and Communications Security(ASIACCS’07).2006:312-320. [10] ACIIMEZ O,SEIFERT J P.Cheap Hardware Parallelism Implies Cheap Security[C]∥Workshop on Fault Diagnosis and Tolerance in Cryptography,2007(FDTC 2007).IEEE,2007:80-91. [11] GULLASCH D,BANGERTER E,KRENN S.Cache games-bringing access-based cache attacks on AES to practice[C]∥In 32nd IEEE Symposium on Security and Privacy.2011:490-505. [12] TROMER E,OSVIK D A,SHAMIR A.Efficient Cache Attacks on AES,and Countermeasures[J].Journal of Cryptology,2010,23(1):37-71. [13] YOUNIS Y A,KIFAYAT K,SHI Q,et al.A New Prime and Probe Cache Side-Channel Attack for Cloud Computing[C]∥IEEE International Conference on Dependable,Autonomic and Secure Computing.2015:1718-1724. [14] LIU F,YAROM Y,GE Q,et al.Last-Level Cache Side-Channel Attacks are Practical[C]∥IEEE Symposium on Security & Privacy.2015:605-622. [15] YU S,GUI X L,ZHANG X J,et al.Co-residency DetectionScheme based on Shared Cache in the Cloud[J].Journal of Com-puter Research and Development,2013,50(12):2651-2660.(in Chinese) 余思,桂小林,张学军,等.云环境中基于cache共享的虚拟机同驻检测方法[J].计算机研究与发展,2013,50(12):2651-2660. [16] SI Y,GUI X,LIN J,etal.Detecting VMs Co-residency in Cloud:Using Cache-based Side Channel Attacks[J].Electronics &Electrical Engineering,2013,19(5):73-78. [17] BIAN G Q,ZHAI H,SHAO B L.A Measurement Method of Side-Channel-Attacks Threat for Co-Residency Virtual Machines Based on Cloud Model[J].Journal of Xi’an Jiaotong University,2016,50(4):21-27.(in Chinese) 边根庆,翟红,邵必林.一种采用云模型的同驻虚拟机侧通道攻击威胁度量方法[J].西安交通大学学报,2016,50(4):21-27. [18] SHEN Q N,LI Q.Review on Co-residency Security Issues of Virtual Machines in Cloud Computing[J].Journal of Integration Technology,2015(5):5-17.(in Chinese) 沈晴霓,李卿.云计算环境中的虚拟机同驻安全问题综述[J].集成技术,2015(5):5-17. |
| No related articles found! |
|
||
首页