Enhancing Cloud Security
Cloud Computing Security III
Estimated read time: 1:20
Summary
In the third session of the cloud computing security series, the focus shifts to case studies from research articles analyzing cloud security's unique concerns. The video discusses the complexities and extra measures needed in cloud security compared to traditional computing. Highlighting a significant work from ACM CCS 2009, the video examines cloud cartography and information leakage issues in third-party compute clouds like Amazon EC2, revealing vulnerabilities in co-residence and multi-tenancy models. The importance of trust between customers and cloud providers, along with challenges in multi-tenancy, where multiple clients share the same physical hardware, are emphasized. Strategies and experiments around cross-VM attacks and co-residence detection methods are explored, shedding light on potential security risks and mitigation techniques. Key topics include the risk of shared infrastructure exploitation, co-residence strategies, and security assumptions in cloud environments.
Highlights
- Explored the security nuances in cloud computing compared to traditional systems. 🌐
- Discussed a case study from ACM CCS 2009 focusing on cloud cartography. 📚
- Addressed issues of multi-tenancy and co-residence in public clouds like Amazon EC2. ☁️
- Highlighted the importance of trust in cloud provider and customer relationships. 🤝
- Reviewed strategies to detect and mitigate cross-VM attacks. 🛡️
Key Takeaways
- Understanding cloud security requires different strategies compared to traditional security measures. 🌥️
- Studying case examples like the ACM CCS 2009 paper provides real-world insights into cloud vulnerabilities. 🔎
- Co-residence on shared virtual machines creates unique security challenges. 🖥️
- Trust between cloud providers and customers is crucial for security assurance. 🤝
- Deploying VMs on shared resources can result in data leakage and security risks. 🚨
Overview
This session dives deep into the intricacies of cloud computing security, distinguishing it from conventional computing security. The discussion centers around the additional complexities and strategies needed to protect data in cloud environments, which differ significantly from traditional network or system security approaches.
A pivotal case study from ACM CCS 2009 is used to illustrate current challenges in cloud security, particularly focusing on the concepts of cloud cartography and information leakage. The study highlights vulnerabilities associated with co-residence in third-party compute clouds, like Amazon's EC2, where multiple users share the same physical resources.
Through this talk, viewers gain insights into the challenges of establishing trust between cloud service providers and customers, particularly in environments that involve multi-tenancy. The talk explores various strategies to detect potential risks and the importance of understanding the security assumptions that underpin cloud infrastructure.
Chapters
- 00:00 - 00:30: Introduction to Cloud Security In the introduction to the series on cloud security, the speaker sets the stage for discussions about cloud computing with a particular focus on security aspects. This session is identified as part of a series, specifically the third talk, aimed at building understanding in cloud security challenges and practices.
- 00:30 - 01:00: Overview of Case Study This chapter introduces a case study derived from a well-known research article, aimed at examining differences in security between cloud computing and traditional network or computing security. Participants are encouraged to read the article, emphasizing its significance and the insights it provides into the specific security challenges and variations applicable to cloud computing.
- 01:00 - 02:00: Key Security Aspects This chapter provides an overview of key security aspects to consider within cloud security. While it does not dive deep into technical specifics, it aims to present a broad understanding of the security challenges and considerations necessary for cloud computing.
- 02:00 - 03:00: Article Discussion The chapter discusses the significance of security and trustworthiness even when utilizing well-established public cloud computing platforms. It references a specific article presented at the ACM CCS conference in 2009, which emphasizes these aspects.
- 03:00 - 04:00: Cloud Experimentation In the chapter titled "Cloud Experimentation," the focus is on exploring information leakage in third-party compute clouds. The discussion highlights the first work in cloud cartography and aims to delve into the security aspects of the cloud. The main objective is to examine how different security measures can be implemented, rather than identifying any specific loopholes.
- 04:00 - 05:00: Customer Trust and Multi-Tenancy The chapter titled 'Customer Trust and Multi-Tenancy' discusses the importance of understanding cloud security through practical experiments. The focus is on using existing work as a case study to demonstrate the critical role of security in cloud computing, rather than analyzing the work itself. The chapter highlights how these insights can enhance our understanding of cloud security.
- 05:00 - 06:30: Multi-Tenancy Risks This chapter discusses the potential risks associated with multi-tenancy in cloud computing environments, particularly with a focus on attack vectors. The authors highlight an experiment conducted on a commercial cloud platform such as Amazon EC2. The experiment aimed to achieve co-residence with a target virtual machine (VM) to potentially exploit its vulnerabilities. The results indicated a 40% success rate in achieving co-residence, showcasing the real and present risks of multi-tenancy regarding security.
- 06:30 - 10:00: Placement and Extraction Concepts The chapter discusses the challenges involved with the concept of VM (Virtual Machine) placement and extraction. It emphasizes the difficulty in managing the co-residency of a potentially malicious VM with a target VM. The lecture highlights the complexity due to the lack of transparency in how cloud providers allocate VMs, making it a significant concern in cloud security.
- 10:00 - 12:00: Threat Models in Cloud Security This chapter discusses the new risks associated with cloud security, focusing on the themes of trust and dependency. Customers need to establish a trusting relationship with their cloud providers as they rely on them for hosting a significant portion of their data and processes. The trust aspect is critical because customers depend on the cloud infrastructure to handle their operations effectively and securely.
- 12:00 - 16:30: Challenges in Co-Residency The chapter titled 'Challenges in Co-Residency' discusses the importance of privacy and integrity within cloud services. Customers must have trust in cloud providers to preserve data privacy and ensure that computations are performed correctly and securely. This trust is a fundamental expectation for any customer using cloud services.
- 16:30 - 20:30: Cloud Cartography The chapter 'Cloud Cartography' explores the concept of multi-tenancy, focusing on security threats that arise from sharing virtual machines (VMs) among different customers. It discusses the potential for physical resource sharing to lead to transparency issues, where one customer's VM is hosted on the same physical machine as another's. This raises concerns about data security and privacy, as sensitive information could be exposed or shared unintentionally across tenants. The chapter underscores the need for robust security measures in cloud environments to ensure customer data protection despite the inherent resource-sharing nature of cloud services.
- 20:30 - 25:00: Instance Placement and IP Addresses The chapter discusses the challenges of instance placement and IP addressing in a cloud environment, focusing on the issues of path establishment and security. It highlights the risks involved in multi-tenancy, where multiple virtual machines (VMs) share the same physical resources. The key concern is the potential for malicious VMs to compromise other VMs on the same network, which poses significant security risks for cloud service providers and users. Ensuring the security and integrity of each VM in such a shared infrastructure is deemed crucial.
- 25:00 - 30:00: Co-Residency Verification Strategies The chapter discusses strategies for verifying co-residency, particularly in multi-tenancy cloud environments where multiple virtual machines (VMs) from different customers share the same physical hardware. It highlights the challenge that customers do not have control over which other tenants their instance will co-reside with, which could potentially include adversaries. The chapter suggests that the logic for deciding resident instances is managed by the cloud provider, emphasizing the importance of understanding this from a cloud provider perspective.
- 30:00 - 34:30: Experimentation and Networking Tools The chapter titled 'Experimentation and Networking Tools' delves into the critical aspect of resource management within systems. It emphasizes the importance of optimizing customer-level performance by effectively managing limited resources. The text explains how virtual machines (VMs) are deployed based on an analysis that seeks to balance resource management with providing optimal performance to customers, thereby enhancing their service experience.
- 34:30 - 39:00: Risks and Prevention Strategies The chapter discusses various risk factors associated with cloud computing, particularly focusing on multi-tenancy environments. One significant risk highlighted is side-channel exploitation, where cross-virtual machine (VM) information leakage can occur due to shared physical resources. This leakage poses a notable security challenge as it has the potential to expose RSA and AES secret keys. The text emphasizes the need for preventive strategies to mitigate such vulnerabilities inherent in cloud infrastructures.
- 39:00 - 43:00: Conclusion: Emerging Cloud Security Challenges The chapter discusses the emerging security challenges in cloud computing, focusing on side channel exploitation and vulnerabilities in virtual machine (VM) isolation mechanisms. It emphasizes the risks posed by hypervisor vulnerabilities, which could potentially be exploited to compromise systems. Additionally, the chapter highlights the lack of control over shared server space in cloud environments, raising concerns about knowing who shares these resources.
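The cloud cartography and instance placement chapters above describe two analyses from the paper: that EC2's internal address space was partitioned by availability zone and instance type (so an internal IP predicted placement), and the account A / account B relaunch comparison (unique /24 prefixes, repeated addresses). The Python below is an added example, not code from the lecture or from the paper. It runs both analyses over constructed allocation records, the way a cloud operator could audit its own allocation logs to check whether an internal IP alone reveals placement, which is the leakage the paper built on. The IPs, zone names, the toy 10.<zone>.x.0/24 layout and the function names are assumptions.

```python
"""Cartography leakage audit over constructed allocation records.

Added example (not from the lecture or the paper); all records below are
constructed. It reproduces, on toy data, two analyses the lecture describes:
  1. whether zone / instance type can be read off the internal IP
     (disjoint /24 partitioning), and
  2. the account A vs account B relaunch comparison
     (unique /24s, /24s holding several instances, repeated IPs).
"""
from collections import defaultdict
import ipaddress

# Constructed records: (internal_ip, zone, instance_type).
# Assumption for the toy data: each zone draws from its own 10.<zone>.x.0/24 blocks.
RECORDS = [
    ("10.1.4.17", "zone1", "m1.small"),
    ("10.1.4.23", "zone1", "m1.small"),
    ("10.1.9.5", "zone1", "m1.large"),
    ("10.2.7.40", "zone2", "m1.small"),
    ("10.2.7.41", "zone2", "m1.large"),
    ("10.2.11.8", "zone2", "m1.xlarge"),
    ("10.3.2.200", "zone3", "m1.small"),
    ("10.3.5.9", "zone3", "m1.xlarge"),
]
ZONE, ITYPE = 1, 2  # column indexes into a record


def prefix24(ip):
    """Return the /24 prefix an address falls in, e.g. '10.1.4.0/24'."""
    return str(ipaddress.ip_network(f"{ip}/24", strict=False))


def prefixes_by_label(records, label_index):
    """Map each label (zone or instance type) to the set of /24s it was seen in."""
    out = defaultdict(set)
    for rec in records:
        out[rec[label_index]].add(prefix24(rec[0]))
    return dict(out)


def is_partitioned(by_label):
    """True if no /24 prefix is shared by two different labels.

    A True result means the address alone pins down the label, which is the
    placement leak the paper exploited; a provider wants this to be False.
    """
    owner = {}
    for label, prefs in by_label.items():
        for p in prefs:
            if p in owner and owner[p] != label:
                return False
            owner[p] = label
    return True


def consistent_labels(by_label, ip):
    """Which labels are consistent with this IP given the observed prefixes."""
    p = prefix24(ip)
    return sorted(label for label, prefs in by_label.items() if p in prefs)


def relaunch_stats(ips_a, ips_b):
    """Account A vs account B comparison: unique /24s, crowded /24s, repeated IPs."""
    def per_prefix(ips):
        counts = defaultdict(int)
        for ip in ips:
            counts[prefix24(ip)] += 1
        return len(counts), sum(1 for c in counts.values() if c > 1)

    a_unique, a_multi = per_prefix(ips_a)
    b_unique, b_multi = per_prefix(ips_b)
    return {
        "a_unique_24": a_unique, "a_multi_24": a_multi,
        "b_unique_24": b_unique, "b_multi_24": b_multi,
        "repeated_ips": len(set(ips_a) & set(ips_b)),
    }


if __name__ == "__main__":
    zones = prefixes_by_label(RECORDS, ZONE)
    types = prefixes_by_label(RECORDS, ITYPE)
    print("zone readable from IP:", is_partitioned(zones))
    print("type readable from IP:", is_partitioned(types))
    print("10.2.7.99 could be:", consistent_labels(zones, "10.2.7.99"),
          consistent_labels(types, "10.2.7.99"))
    print(relaunch_stats(["10.3.2.200", "10.3.5.9", "10.3.5.10", "10.3.8.1"],
                         ["10.3.2.200", "10.3.5.9", "10.3.9.4"]))
```

On the toy data the zone mapping is fully partitioned (an address gives away the zone) while the instance-type mapping is not, since one /24 holds both m1.small and m1.large; the paper reported a similar picture, with zones cleanly separated and types mostly so. The mitigation side is the complement of this audit: allocation that deliberately mixes zones and types across prefixes, or virtualised addressing that decouples the internal IP from the physical host, turns `is_partitioned` False.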
Cloud Computing Security III Transcription
- 00:00 - 00:30 Hi. So we will be discussing cloud computing, primarily looking into cloud security. This is the third talk in this series of lectures on cloud security. So
- 00:30 - 01:00 in this discussion we will basically be trying to look at a case study taken from a well-known research article. It might so happen that many of you have gone through the article, or if not, it will be good to go through these articles. It is pretty much one of the interesting articles which shows where security in cloud computing varies, or how it differs from our generic network or computing security, or what
- 01:00 - 01:30 are the extra things we need to look at when we look at cloud security per se. So it may not be possible to go deep into all the technical details of this article, but I will try to give you an overview of the problem, which will help us in understanding how security
- 01:30 - 02:00 matters even when you are using a standard, secured, trusted, well-used public cloud computing platform. OK, so the article we are talking about came in ACM CCS 2009, and its title says "Hey,
- 02:00 - 02:30 You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds". Right, so what they claim is the first work in cloud cartography, but apart from that it is interesting to see what the different ways and things will be there. So our major objective of this particular discussion is to look more into the security aspects of the cloud; it is not about looking into any loophole
- 02:30 - 03:00 of a particular cloud provider, or the security of any particular provider. We try to look at this paper, in which there are some practical experiments which may help us in understanding the security aspect of the cloud in a better way. That is our objective: it is not to analyze the work, but to take that work as an example case and see how security plays an important role in this cloud computing
- 03:00 - 03:30 aspect. So the experiment done in this particular work is some sort of a so-called, quote unquote, attack launched against a commercially available real cloud, typically Amazon EC2, and what they claimed is forty percent success in co-residence with the target VM. Right, so if we remember
- 03:30 - 04:00 our earlier lectures, what we were telling is that one of the major issues is whether we can co-reside a particular, what we say, attacking VM or a malicious user's VM with a target VM. That is a very challenging task, because I really don't know how a cloud provider allocates the VMs to other things.
- 04:00 - 04:30 So what we have seen in the new risks in cloud, one is trust and dependency, right? Establishing a new trust relationship between the customer and the cloud provider is important, because as a customer I am basically leveraging all, or most, of my data and most of my processes on the cloud, and I am somewhat becoming dependent on that cloud infrastructure. So the customer must trust their cloud provider to respect the
- 04:30 - 05:00 privacy of the data and the integrity of the computations, right? So when we look at it from the security point of view, the customer must trust the cloud provider for the preservation of the privacy of the data and the integrity of the computation: if there is a process, the process is performing the way it is supposed to perform. That is one of the objectives of any customer, right? So that is expected. Now the other problem; so that is how much you trust and
- 05:00 - 05:30 depend on the thing. The other thing is multi-tenancy, right? Threats from other customers, due to, say, they are basically residing on the same VMs, and physical resources can be transparently shared. So what is happening is that in the same physical machine where the virtual machine I have been allocated is, some other customers
- 05:30 - 06:00 are also allocated. So what is the chance that there is a path established between these two VMs, and if there is a malicious VM, or the processes running in a malicious VM, what is the chance that my VM or my process is likely to be compromised? So that is the usual problem of multi-tenancy: when you have multi-tenant data, these are the things which become a big issue.
- 06:00 - 06:30 So multi-tenancy, as we have discussed earlier, is multiplexing VMs of disjoint customers upon the same physical machine. So your machine is placed in the same server with other customers. The problem: you don't have the control to prevent your instance from being co-resident with some adversary, right? So if it is multi-tenant, how this multi-tenancy will be residing, that is the logic the cloud provider is doing. So from the cloud provider's point of view, its
- 06:30 - 07:00 one of the major things is resource management, right? It has a limited resource, or it has a particular resource, and it has to manage it so that it optimizes the performance at the customer level. So based on that, it basically tries to deploy the VMs based on its analysis of how resources can be properly managed and the maximum performance level can be provided to the respective customers vis-a-vis their service
- 07:00 - 07:30 level agreements, right? So here, with this multi-tenancy, some new risk factors come into the picture. One is side-channel exploitation: that means cross-VM information leakage due to sharing of the physical resources. So that is another big challenge, right? Cross-VM information leakage, sharing of the physical resources, has the potential to extract RSA and AES secret keys. We don't know whether there is a potential to extract RSA and AES secret keys of this cross channel; all this
- 07:30 - 08:00 side-channel exploitation. There are vulnerable VM isolation mechanisms, like a vulnerability that allows an escape to the hypervisor, right? So if there is a vulnerability, and if that can be exploited, then the hypervisor can, to some extent, be compromised. Lack of control: you are sharing the server space, right? So lack of control over who you are sharing with, right?
- 08:00 - 08:30 So you don't have any control over who you are co-residing with, right? Or, to say it the simple way, these are the new risks which come into play. And the attack model, specifically the attack model which is also being followed in this particular work we are discussing, is that one of the motivations of this attack model is to study the practicality: whether it is practical to mount cross-
- 08:30 - 09:00 VM attacks in existing third-party compute clouds. So if I am having an existing third-party compute cloud, is it possible to launch some sort of cross-VM attacks, right, in that case? All right. So what they did: the experiments have been carried out on a real cloud provider like Amazon EC2, and this can be carried out on any type of IaaS provider. So there are two steps, and these two
- 09:00 - 09:30 steps are irrespective of whether it is a cloud or network or anything. One is placement: the adversary arranging to place the malicious VM on the same virtual machine as that of the target customer. This is important: if I want to do some sort of cross attack or something, the first thing I have to do is see whether I can physically place my VM into the same space, or the same physical machine, or the same server space where the adversary's
- 09:30 - 10:00 machine is there. So that is one important thing, and secondly there is the extraction thing: once I am placed, extract confidential information by side-channel attack. So these are the two types. So next is the threat model. The assumption of the threat model is that the provider and the infrastructure are to be trusted, right? So this is one of the basic assumptions: the provider and the infrastructure need to be trusted. Do not consider attacks that rely on subverting the administrator
- 10:00 - 10:30 functions, all right? Do not exploit vulnerabilities of the virtual machine monitor or other software, right? So it will not exploit that hypervisor and other things. So adversaries are non-provider-affiliated malicious parties. So adversaries are not provider affiliated; they come as a user or customer. Victims are users running confidentiality-requiring services on the cloud. So victims are running some of the operations which need some basic privacy
- 10:30 - 11:00 and confidentiality; it is not public operations on public data and services through the cloud. So focus on new cloud-related capabilities of the attacker, implicitly expanding the attack surface, right? So we try to see what the things are, and try to see what type of other attacks. So there are other threat model considerations, like any customer, the malicious party, can run and control many instances on the cloud,
- 11:00 - 11:30 right? So that is another thing. The attacker's instance might be placed on the same physical hardware as the potential victims, or attacks might manipulate the shared physical resource to learn otherwise confidential information. So that attacker can basically do some cross-VM attacks. So two types of attacks can take place: attack on some known hosted services, or attack on a particular victim's services, right?
- 11:30 - 12:00 So one attack is that I know that these are the hosted services and I want to attack those, or I want a particular victim service to be attacked, so it is more of what we say a targeted attack. So in order to do that, what they proposed, or what they did, is basically they need to answer a few questions. One is: can one determine where in the cloud infrastructure an instance is located, right? So is it possible to determine where
- 12:00 - 12:30 a particular instance is located, right? Very, very difficult; not only difficult, apparently impossible, right? You take a login from Amazon or Azure or Google platform or any other, Salesforce or anything, and that is their way of handling things, like at the back, their management or the backbone management things. Question two: can one easily determine if two instances are co-resident on the same
- 12:30 - 13:00 physical machine, right? One is finding where one instance is; another is whether it is possible that I can determine whether these two instances are co-resident, right? Number three is: can an adversary launch instances that will be co-resident with the user's instances, right? So the other question is whether the adversary can launch instances so that you want to be co-resident with some targeted instances. And number
- 13:00 - 13:30 four: can an adversary exploit cross-VM information leakage once co-resident? So if it is co-resident somewhere, whether there is a possibility that then I can have cross-VM information leakage, right? So these are what they did. The experiment, or what we are trying to get an overview of, the whole thing is primarily working on one of the very popular cloud providers,
- 13:30 - 14:00 and it follows all possible best practices. Even with that, whether the possibilities are there or not, that is the thing we are trying to look at. So if you look at the Amazon EC2 service per se, it is scalable, pay-as-you-go compute capacity in the cloud. Customers can run different operating systems within the virtual machine. Three degrees of freedom: instance type, region and availability zone. So when you do select,
- 14:00 - 14:30 there are three degrees of freedom: so you can have the instance type, what type of instance; or which region you want to launch in; and the availability zone, right? So three computing options, instances, are available: one is m1.small, m1.medium, thirty-two bit architecture; m1.large, m1.xlarge, and so on and so forth. So these are the different instances available, right? So there are different regions available, right:
- 14:30 - 15:00 US, EU and Asia. This is at the time of what the paper tells, that is, when they came up in 2009. So a region is split into availability zones. So if you look at the US, it has East, in Virginia, West, Oregon, and another West, which was not there earlier, right? So similarly, the infrastructure will have separate power and network connectivity, right? So these are physically
- 15:00 - 15:30 different, located in different places. So they not only have different power lines, that means they are not on the same power backbone, so that means, in another sense, that they are not subject to failure if there is a power failure of one; and it is likely that their network also is different, right? So that means the IP block used in one will be different from another, and that type of thing. Customers are
- 15:30 - 16:00 randomly assigned to a physical machine based on their instance, region and availability zone choices. So the customer has the option of making a choice of these, and based on that they are given to the different machines. So typically the Amazon EC2 service is using the HP hypervisor, sorry, the Xen hypervisor. So if you look at the Xen hypervisor, there is a Dom0 portion, what we say, which is the privileged virtual machine which manages guest images. It provisions physical
- 16:00 - 16:30 resources, access control rights, is configured to route packets for its guest images, and reports itself as a hop in the traceroute, right? So it routes the things, and it is a hop on the thing. So when an instance is launched, it is assigned to a single physical machine for its lifetime, right? So that instance, particular anything. Secondly, each instance is assigned an internal and external IP address and domain names.
- 16:30 - 17:00 So that is the philosophy of Amazon: an external IP address, an internal IP address based on some standard, and respective domain names. Within the cloud, both the domain names resolve to the internal IP address. So within the cloud, both of whatever you have seen, the internal and external name, resolve to the internal IP; outside the cloud, the external name is mapped to the external IP address. So when we go outside the cloud, then the external name is mapped to the external IP address.
- 17:00 - 17:30 Now if we look at the different aspects, or the different queries which we raised, or which the article raised, they try to address those queries. Query one is cloud cartography. Instance placing is not disclosed by Amazon, but it is needed to launch a co-residency attack. So if I want to do some sort of co-residency attack, then I require the instance to be placed into the victim's things,
- 17:30 - 18:00 but Amazon will definitely not disclose this. And: map the EC2 service to understand where the potential targets are located in the cloud, right? So we need to map, or what they have shown is they have tried to map the EC2 service to understand where the targets are located in the cloud. So, determine the instance creation parameters needed to attempt establishing co-residence with an adversarial instance. So
- 18:00 - 18:30 it needs the creation parameters to attempt establishing co-residence on the thing. And the basic hypothesis: different availability zones and instance types correspond to different IP addresses, right? So if I have different availability zones and different instance types, it is likely that they are in different IP ranges. So whether we are able to, whether there is a possibility of exploiting this. So in order to do that, those who have worked
- 18:30 - 19:00 on network security or networking per se, you know that there are different types of network probing tools available. So network probes are available, many of them open source, and they are fairly able to map the thing. So similarly here also we require network probing to identify public servers hosted in EC2 and verify the co-residency. So open source tools have been used to probe the ports,
- 19:00 - 19:30 port 80 and 443, that is, HTTP and the HTTPS secure port, right, because these are mostly used for external access and it is likely that they will be open and allowed. So one such tool is nmap; others are hping and wget, right? So these are the three popular ones; there are several other tools, and sometimes someone can write their own tool and that type of thing, but
- 19:30 - 20:00 they are using the tools to probe. So an external probe is a probe originating from a system outside EC2 and having an EC2 instance as the destination; that can be the external one. And an internal probe originates from an EC2 instance and has as destination another EC2 instance, right? So this is the internal and external thing. Given an external IP, DNS resolution queries are used to determine the external name and internal IP address, right? So this is by the DNS query. So survey public servers on EC2, because
- 20:00 - 20:30 to have a, if we survey, the goal is to enable identification of the instance type and availability zone of one or more potential targets, right? So our primary, or the primary goal of this particular work, is whether I can basically identify the instance type and availability zone of one or more potential targets; that is one of the major things. EC2 public IPs
- 20:30 - 21:00 are in these prefixes, like, and there are public IPs of those, as reported by the particular article. Use external probes to find the responsive IPs, right, which are responsive to a TCP connect probe on port 80, followed by wget on port 80, and perform a TCP scan on port 443, and then they see what are
- 21:00 - 21:30 the IPs which respond. So use DNS lookup to translate each public IP that responded on either port 80 or port 443 to an internal EC2 address, and then again do the probing on the things. So some fourteen thousand odd unique internal IPs are obtained. Now next is the instance placement parameters, right? What parameters do you need to say that the things? Now EC2's internal address
- 21:30 - 22:00 space is cleanly partitioned between the availability zones, right? They are partitioned into three availability zones, five instance types, and for each instance type and zone, as we have seen, twenty instances were launched for each of the fifteen, the experimental things they have done, and they have shown that samples from each of the zones are assigned IP addresses from disjoint portions of the observed internal IP address space, right? Assumption:
- 22:00 - 22:30 internal IP addresses are statically assigned to physical machines to ease out IP routing; otherwise, again, routing parameters will be there. Availability zones use separate physical infrastructure. So these are the things which are there. So in another sense, what we try to holistically see is that these different zones and different types of instances are on different IP blocks. In another sense, if I somehow select the same zone etcetera as whom I am targeting, it is likely I may
- 22:30 - 23:00 be in the same IP block. If I know that I am in the same IP block, then whether it is possible to launch again some of the probes and some of the attacks within the same IP block, right? So what they have experimentally shown: one hundred instances have been launched in zone three using two different accounts, A and B, thirty-nine hours after terminating the account A instances. Of the hundred zone-three A instances, ninety-two had unique /24
- 23:00 - 23:30 prefixes; four prefixes had two instances each. So these are their results. Out of the hundred B zone-three instances, eighty-eight unique and six, this, a single /24 had both m1.large and m1.xlarge instances. Of the hundred account B IPs, fifty-five were repeats of IP addresses assigned to the instances of account A. That is interesting, right? So out of those assigned things, which are A and
- 23:30 - 24:00 B, what they launched in different time scales, like A, and after terminating, thirty-nine hours later, B, so I got that address etcetera. So if you look at it, it gives some sort of, it tries to give, maybe very grossly, some cartography, or in another sense the IP address blocks etcetera, how they are spread, and so on and so forth. Now if I have this type of thing, like I roughly
- 24:00 - 24:30 know that these are the IP address blocks and types of things that are there, then whether determining co-residency can help, or what can be done. So network-based co-residency checks: instances are likely to be co-resident if they have matching Dom0 IP addresses, as we have seen that Dom0 is primarily doing their management part; small packet round-trip times, if I have round-trip times, so that will be the small packet;
- 24:30 - 25:00 in is in the same block numerically close ip range typically within seven hum so that is another things what we are having so verifying co residency is ah check is another challenge that if two under self control instances are successfully transmit via the covered channel they are co residents and so on and so forth you can if you can connect them experiment ah the hard disk base covert channels ah they have shown so three m one small account control
- 25:00 - 25:30 victim probe ah what they need determine dom zero address for each each pair of a b so what they try to do that what is a checking the co residency of that two ah to vms and type of ah things so effective co residency check for checking constancy with the target instances compare internal ip address to see if they are closer so if it is within the ah within the typical seven thing then it is a closer if he has
- 25:30 - 26:00 performed tcp sync trace route to open port to the target and see and see if there is only one single hop dom zero ip check check requires sending at most two tcp syn packets no full tcp connection is established very quiet check little communication with the victim so these are the checks which are done ah known some sort of a quote unquote non invasive manner that means the ah victims is not aware
- 26:00 - 26:30 of it. So you are basically cross-checking whether there is co-residency. The third thing is causing co-residency. Two strategies to achieve good coverage, i.e., co-residency with a good fraction of targets: one is brute-force placement, where you run numerous probe instances, find out where things are, and do a brute force; the other is to target recently launched instances,
- 26:30 - 27:00 taking advantage of the tendency of EC2 to assign fresh instances to a small set of machines. So after studying, etc., it can be thought that the service provider is doing this: instances launched within a particular small time span are placed into the same type of hardware or server. Then there is a chance of targeting recently launched instances
- 27:00 - 27:30 and trying for co-residency. So, leveraging placement locality: one is that instances launched simultaneously from the same account do not run on the same physical machine; sequential placement locality exists when two instances run sequentially, as we have seen previously with A and B; parallel placement locality exists when two instances run at roughly the same time and are often assigned to the same machine.
- 27:30 - 28:00 So these are the things that can be exploited. There is another way, instance flooding: launch lots of parallel instances in the appropriate availability zone and of the appropriate type, and see what happens. Similarly, they did a lot of experimentation to see how this locality can be exploited. Finally, exploiting co-residence, that is, cross-VM attacks, can allow information leakage. How can we exploit shared infrastructure?
- 28:00 - 28:30 One is that, given I am co-resident, how do I exploit this: gain information about the resource usage of the other instances, create and use covert channels to intentionally leak information from one instance to another. So these are the other things that can be exploited by the attacker. Some applications of these covert channels are co-residence detection, that is, whether I can have some
- 28:30 - 29:00 secret detection scheme, whether the timing of keystrokes allows me to look at the password, and so on, and other types of techniques. In other cases, this type of covert channel attack is measuring the cache usage, trying to see what the normal pattern is and whether there is any attack, etc., and trying to map
- 29:00 - 29:30 what sort of processes there are based on the cache usage pattern. So one is to exploit load-based co-residence checking: the co-residency check can be done without the network, because since I am co-resident I do not require the bigger network infrastructure; I am on the same machine. Here they have shown with the experiment that
- 29:30 - 30:00 trials one and two were co-resident on distinct physical machines, and instance three was not co-resident. If you go through the paper, this has been shown, and it has been shown with estimated traffic rates, what sort of traffic there is with no HTTP and with HTTP connections, and so on. These figures and data are taken from that particular research article. Another thing is keystroke timing attacks,
- 30:00 - 30:30 right, so based on keystroke timing, and this is a very popular or very well-known type of thing, whether you can basically look at passwords. So finally, what type of preventive measures can we think of? One is mapping: use a randomized scheme to allocate IP address blocks, and block some tools like nmap and traceroute. Blocking
- 30:30 - 31:00 tools may be OK, but randomized allocation may go against optimization or resource management in some cases, from the perspective of the service provider, so that may be a challenge. For co-residency checks, prevent identification of Dom0; that may be one way, so that they cannot check what the Dom0 is. For co-location, do not allow co-residence at all, right; that means it is beneficial for the
- 31:00 - 31:30 cloud user but definitely not efficient for the cloud provider. And information leakage via side channels is still a big challenge; there are different types of side channel issues. It is not only that you create a covert path; you basically judge different other parameters, like looking at the cache behavior or how the cache
- 31:30 - 32:00 usage pattern goes, and I am trying to look at what sort of activities are going on. So with this we end our talk today. In summary of the security issues: new risks from cloud computing are a little different from our conventional computer, information or network security; shared physical infrastructure may, and most likely will, cause problems; exploiting software vulnerabilities is not addressed
- 32:00 - 32:30 properly here; there may be some software vulnerabilities at the SaaS level of the cloud, etc., which are not being addressed. Practical attacks: in that particular paper they have shown that particular attacks were performed, and some countermeasures were also proposed in this work. So I encourage you to go through this paper. Again I am repeating, it is not to particularly look into a particular service provider or their loopholes; rather we want to look
- 32:30 - 33:00 at an overview of the things that are possible, or the things that open up new risks which are not there in our traditional network, computer or information security. So with this we will end our talk today. Thank you.