Prevention of VM Timing side-channel attack in a cloud environment using randomized timing approach in AES – 128

  • Animesh Kumar, Department of Computer Science and Engineering, Birla Institute of Technology, Mesra, Ranchi, Jharkhand, India. ORCID: https://orcid.org/0009-0007-3679-8025
  • Sandip Dutta, Department of Computer Science and Engineering, Birla Institute of Technology, Mesra, Ranchi, Jharkhand, India. ORCID: https://orcid.org/0000-0002-3932-3048
  • Prashant Pranav, Department of Computer Science and Engineering, Birla Institute of Technology, Mesra, Ranchi, Jharkhand, India. ORCID: https://orcid.org/0000-0002-3932-3048
Keywords: Cloud computing, Security, Cryptography, VM side-channel attack, Side channel attack, Virtual Machine (VM)

Abstract

The term "cloud computing" refers to the delivery of various computer services to users via the Internet. These services include servers, storage, databases, networking, software, and analytics. The ability of businesses to swiftly and easily access computing resources as needed is one of the primary benefits of cloud computing, along with scalability, flexibility, and cost savings. To protect themselves from data breaches, distributed denial-of-service attacks, and insider threats, cloud providers and consumers alike need to deploy adequate security measures. Shared resources and timing inconsistencies within the hypervisor can make it possible for attackers to deduce sensitive information from other Virtual Machines (VMs). In this research, a software-based solution to the problem of VM timing side-channel attacks (SCAs) in cloud computing (CC) is proposed. Following an analysis of the process's empirical complexity, the solution uses a randomized timing method that is compatible with all of the AES-128 sub-steps.

Published
2023-07-30
How to Cite
Kumar, A., Dutta, S., & Pranav, P. (2023). Prevention of VM Timing side-channel attack in a cloud environment using randomized timing approach in AES – 128. International Journal of Experimental Research and Review, 31(Spl Volume), 131-140. https://doi.org/10.52756/10.52756/ijerr.2023.v31spl.013