TechTalk: Leaks and Side Channels
By: Piotr T. Zbiegiel

What are Leaks?
• In a virtual system, a leak occurs any time an attacker receives information to which they would not normally have access.
• There are two types of leaks:
  • Direct leaks, in which an attacker gets access to the underlying network, storage, or memory.
  • Indirect leaks, where the attacker can glean information about other tenants or the underlying system. This is termed a side-channel attack.

Side Channels
• The term side channel is normally tied to a type of attack against cryptographic systems.
• Rather than attacking a cryptosystem head-on, the attacker attempts to learn details of the encrypted message or key by indirect means.

Example: Network Hustle
• The book describes an attack on a Xen hypervisor where the attacker steals the IP address of a co-tenant.
• This is accomplished by adding a new IP to the virtual network interface of Evil VM that is the same as Target VM's.
• The hypervisor accepts the networking change and begins passing traffic to Evil VM instead of the correct recipient.
• Evil VM now has access to all traffic headed to the target.
[Diagram: Hypervisor, Target VM, and Evil VM, labelled 10.0.0.1, 10.0.0.2, 10.0.0.2]

Virtual MITM
• The preceding example attack can be mitigated by configuring some simple layer 2 filtering rules on the hypervisor.
• The fix is simple, and yet we can't assume the protection is in place.
• Attacks like this are a great reminder of the risks inherent in sharing network paths with guest VMs.
• Make sure a cloud system has dedicated management and storage networks so it can avoid sending that traffic on paths shared with virtual machines.
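
The filtering decision described on this slide, modelled in Python as an added example (it is not from the talk or the book, and it is not an actual hypervisor rule set). The vif names, MAC addresses, and Evil VM's own address 10.0.0.3 are constructed assumptions; only 10.0.0.1 and 10.0.0.2 come from the slides.

```python
import socket
import struct

# Hypothetical per-interface bindings kept by the hypervisor:
# vif name -> (MAC, IP) assigned to that guest. All values are constructed.
BINDINGS = {
    "vif1.0": ("00:16:3e:00:00:02", "10.0.0.2"),  # Target VM
    "vif2.0": ("00:16:3e:00:00:03", "10.0.0.3"),  # Evil VM (address assumed)
}
ETH_ARP, ETH_IPV4 = 0x0806, 0x0800

def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)

def build_arp(src_mac, sender_ip, target_ip):
    """Build a constructed Ethernet+ARP request frame for the demo."""
    mac = bytes.fromhex(src_mac.replace(":", ""))
    eth = b"\xff" * 6 + mac + struct.pack("!H", ETH_ARP)
    arp = struct.pack("!HHBBH", 1, ETH_IPV4, 6, 4, 1)
    arp += mac + socket.inet_aton(sender_ip) + b"\x00" * 6 + socket.inet_aton(target_ip)
    return eth + arp

def filter_frame(vif, frame):
    """Return (verdict, reason) for a frame arriving from a guest vif."""
    if vif not in BINDINGS or len(frame) < 14:
        return "DROP", "unknown vif or truncated frame"
    mac, ip = BINDINGS[vif]
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if mac_str(frame[6:12]) != mac:
        return "DROP", "source MAC not bound to vif"
    if ethertype == ETH_ARP:
        if len(frame) < 42:
            return "DROP", "truncated ARP"
        sha, spa = frame[22:28], frame[28:32]  # ARP sender MAC / sender IP
        if mac_str(sha) != mac or socket.inet_ntoa(spa) != ip:
            return "DROP", "ARP sender not bound to vif"
    elif ethertype == ETH_IPV4:
        # IPv4 source address sits at bytes 26..30 of the frame
        if len(frame) < 34 or socket.inet_ntoa(frame[26:30]) != ip:
            return "DROP", "IPv4 source not bound to vif"
    return "ACCEPT", "matches binding"

if __name__ == "__main__":
    # Evil VM announcing Target VM's address, then Target VM's own announcement
    print(filter_frame("vif2.0", build_arp("00:16:3e:00:00:03", "10.0.0.2", "10.0.0.1")))
    print(filter_frame("vif1.0", build_arp("00:16:3e:00:00:02", "10.0.0.2", "10.0.0.1")))
```

The key property is that the check is keyed on the interface the frame arrived from, so a guest cannot pass it by copying another guest's MAC or IP.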

Variety of Virtualization Attacks
• A 2010 IBM paper showed a rise in vulnerabilities and exploits against virtualization platforms. They identified 6 types of vulnerabilities:
  • Attacks against the management console.
  • Attacks against a management service with rights on the hypervisors.
  • Attacks against administrative VMs.
  • Attacks against guest VMs.
  • Attacks against the hypervisor.
  • Hypervisor escape.
• So where are side-channel attacks?