Cache-based side channel attack (CSCa) techniques in virtualization systems are becoming more advanced, while defense methods against them are still perceived as nonpractical. The most recent CSCa variant called Flush + Flush has showed that the current detection methods can be easily bypassed. Within this work, we introduce a novel monitoring approach to detect CSCa operations inside a virtualization environment. We utilize the Kernel Virtual Machine (KVM) event data in the kernel and process this data using a machine learning technique to identify any CSCa operation in the guest Virtual Machine (VM). We evaluate our approach using Receiver Operating Characteristic (ROC) diagram of multiple attack and benign operation scenarios. Our method...
In this paper we analyze three methods to detect cache-based side-channel attacks in real time, prev...
Virtualization has become an indispensable technique for scaling up the analysis of malicious code, ...
International audienceMost of the mitigation techniques against access-driven cache side-channel att...
The isolation among physically co-located virtual machines is an important prerequisite for ensuring...
Cloud computing is an important technology that significantly reduces costs and increases operations...
Cloud computing provides an effective business model for the deployment of IT infrastructure, platfo...
Physically co-located virtual machines should be securely isolated from one another, as well as from...
International audienceIntel's x86 architecture has been exposed to high resolution and stealthy cach...
International audienceWe present a novel run-time detection approach for cache-based side channel at...
International audienceResearch on cache-based side-channel attacks shows the security impact of thes...
Cloud computing is based on the sharing of physical resources among several virtual machines through...
Cloud computing provides an effective business model for the deployment of IT infrastructure, platfo...
International audienceThis paper presents experimental evaluation and comparative analysis on the us...
In this paper we analyze three methods to detect cache-based side-channel attacks in real time, prev...
International audienceCache Side Channel Attacks (SCAs) have gained a lot of attention in the recent...
In this paper we analyze three methods to detect cache-based side-channel attacks in real time, prev...
Virtualization has become an indispensable technique for scaling up the analysis of malicious code, ...
International audienceMost of the mitigation techniques against access-driven cache side-channel att...
The isolation among physically co-located virtual machines is an important prerequisite for ensuring...
Cloud computing is an important technology that significantly reduces costs and increases operations...
Cloud computing provides an effective business model for the deployment of IT infrastructure, platfo...
Physically co-located virtual machines should be securely isolated from one another, as well as from...
International audienceIntel's x86 architecture has been exposed to high resolution and stealthy cach...
International audienceWe present a novel run-time detection approach for cache-based side channel at...
International audienceResearch on cache-based side-channel attacks shows the security impact of thes...
Cloud computing is based on the sharing of physical resources among several virtual machines through...
Cloud computing provides an effective business model for the deployment of IT infrastructure, platfo...
International audienceThis paper presents experimental evaluation and comparative analysis on the us...
In this paper we analyze three methods to detect cache-based side-channel attacks in real time, prev...
International audienceCache Side Channel Attacks (SCAs) have gained a lot of attention in the recent...
In this paper we analyze three methods to detect cache-based side-channel attacks in real time, prev...
Virtualization has become an indispensable technique for scaling up the analysis of malicious code, ...
International audienceMost of the mitigation techniques against access-driven cache side-channel att...