Virtual Machine Manager And Hidden Channel Attack In Hypervisors

Analyse and evaluate the risks and security concerns with the hidden channel attack; discuss strategies for addressing them. 

Introduction to Virtual Machine Manager and hardware virtualization

Virtual Machine Manager is also known as the “hypervisor” is considered to be one of the many of the hardware virtualization technique that is associated with allowing the multiple operating system also known as guest to operate in a concurrent way with the host computer. This is also named like this because conceptually it is placed on one level higher that the supervisory program (Masdari, Nabavi, & Ahmadi, 2016). A virtual operating platform is provided to the guest by the hypervisor which is associated with managing the executions done by the guest operating system. There exists multiple cases where it is seen that different types of operating systems are associated with sharing of hardware resources which are virtualized in nature (Felter et al., 2015). This are generally installed in the server hardware which is only assigned with the task of running the guest operating systems. Whereas the non-hypervisor virtualization systems are generally used for tasks of similar kind on a dedicated server hardware. But this is also commonly used in the desktops, portable as well as in the handheld computers. This term is often used for the purpose of describing the interface that is provided by the specific cloud-computing functionality known as the IaaS or the Infrastructure as a Service.

VM are generally very mobile in nature and the abstraction which occurs in this are associated with making the VM independent of the hardware underlying it. The traditional software are generally coupled tightly with the server hardware underlying which means that the moving of application to some other server generally requires a lot of time and are prone to errors during the reinstallation and reconfiguration of the application. By comparison a hypervisor is associated with making the underlying hardware details very much irrelevant for the virtual machines, this in turn is associated with allowing the virtual machines to be moved or migrated between any of the local or remote virtualized servers which is associated with sufficient amount of computing resources that are available. This is almost done at will and with effective rate of zero disruption to the virtual machines. This is the feature which is often termed as live migration.

This is a very sophisticated attack in the hypervisors. Place where, there exists the hypervisors might be affected due to hidden channel attacks. In this type of attacks the information are exploited which are generally gathered from the usage of the virtual resources. In this type of attack a malicious attacker is associated with placing a VM malicious in nature which acts as a co-residential of the targeted VM so as to make sure that the same hardware resources are being used. Followed by this the attacker is associated with the extraction of the useful information and this might be including the cryptographic keys from the targeted virtual machines (Kumar et al., 2015). This in turn are used for the purpose of eavesdropping of the traffic and man-in-middle attacks. By making use of the hidden channel attack it is possible for the attacker to share the same cache as that of the victim because the victim is capable of monitoring the cache access behaviour. One such example is that the attacker is having the capability of monitoring the cache information related to the timing means of measuring the time of execution of various kind of operations in the virtual machine of the victim (Sharma et al., 2016). But in general the attacker is associated with the exploitation of the timings present in the share cache memory of high level. Besides this the consumption of power or leakage in the electromagnetic elements might also be used as a vector for the purpose of launching the hidden channel attacks.

Benefits and features of Virtual Machine Manager

Cache based hidden channel attack is the type of attack where it is seen that the caches which are being tested are generally existing in between the various type of new day processors is one of the major concern. It is mainly due to the reason that the processors are associated with permitting the side channel attacks. The major problem existing in the cache is the contention of the cache that is generally associated with allowing the eviction of the various kind of processes of the user processes that are generally present in the cache which are generally being used by the other users (Levchenko & Cardoso, 2018). Different type of cache based hidden channel attacks faced by the virtual machine are listed below. This type of attacks mainly includes the time driven, access driven and the trace driven.

1. Time driven attacks: This type of attack is considered to be one of the hidden channel attack where the attacker is associated with the exploitation of the correlation that exists between the cryptographic operation and the miss in cache of the victim. Which means in this an adversary is associated with measuring the time that is taken by a victims process so as to complete an entire operation and this might be including the time that is taken so as to undertake a cryptographic process while the accessing of the memory is being done (Tang & Pan, 2015). The major reason lying behind the achievement of this is due to the amount of time that is taken by the memory for being accessed is entirely dependent state that each of the cache is having. After this the attacker is associated with comparing of various execution time that the different processes are having against the inputs and the looks for a specific pattern. This difference in time is generally used for the purpose of leveraging the process of extracting the information related to the encryption keys (Yang et al., 2014).
2. Access driven attacks: this is the type of attack where the attacker is associated with providing an adversary along with a platform which is generally used for the purpose of executing the different processes that are malicious in nature (Rehman et al., 2014). All this is generally done in parallel with the cryptographic process that the victim is having so as to derive certain insights regarding the cache behaviour of the victim. Besides this the attacker is associate with learning the sets of cache that has been accessed by making use of the victims cryptographic operations and this is generally done by evicting of the cache memory page of the victim (Mayoral et al., 2015). This in turn is associated with making the victim to miss the cache and after this the attacker might be associated with observing the miss behaviour of the cache along with the knowledge that the operation that are being conducted.
3. Trace driven Attack: in this type of attack the attacker is generally associated with the monitoring of the cache lines which are accessed in a cache set by the victim and is also associated with obtaining of a profile of the cache activity occurring during an encryption process (Abdelaziz et al., 2017). In this way setting of platform is done for the attacker which would be helping in measuring the memory lines that are accessed by the cryptographic operations and also those which results in hitting the cache.

Hidden channel attacks can be classified into various categories. Besides this the hidden channel attacks are associated with leveraging the side effects of the execution of various codes. One most popular technique of this attack is the differential power analysis. This is considered to be technical method which is also considered to be a black-box analysis of the cryptographic hardware device which is unknown and is generally used for the purpose of discovering the secrets and the intermediate cryptographic values by making use of the power consumption (Ahmad et al., 2015). Besides this there also exists certain other hidden channel attacks that are based on the knowledge that the system is having and is undergoing the test.

Most common way of protecting from the hidden channel attack is bu partitioning of the shared cache memory or by isolation and assigning of some separate portion of the cache memory for each of the virtual machines. This would be helping in the reduction or elimination of the hidden channel attacks in a virtualized environment. The solution of partitioning of the cache generally requires changes as well as modification in the underlying hardware design as well. The results obtained from the changes is considered to be an overall degradation of the performance in the virtual environment (Han et al., 2016). Besides this some solutions are also to be applied so as to whenever the hardware manufacturers are associated with making of certain changes. The most important alternative to the making of the changes in the hardware configuration is to provide some new cache partition technique. This might be seem to be very much effective. Some of the other ways of eliminating the hidden channel attack includes the introduction of the noise to the virtual machine clocks, scheduler based defences, randomization of the monitoring interval, non-blocking of the monitoring clocks and many more.

Hidden Channel Attack in hypervisors

Conclusion:

Virtualization is generally considered to be the core component of the virtual environment which is associated with the providing of isolation between the various kind of hardware and software services provided to the customers. But along with the benefits there also exists certain vulnerabilities in the virtualization. One such common vulnerability is the hidden channel attack. This type of attack is associate with the exploitation of the information by making use of the Cross-Virtual machine cache based hidden channel attack which initially results in the leakage of the AES cryptographic keys. This report is also associated with presenting an overview of the potential needed for launching the hidden channel attack in a virtual environment. A solution has also been proposed which can be used for the purpose of mitigating the hidden channel attack. But it is seen that there does not exist any kind of effective countermeasure for the hidden channel attacks despite of the fact that there is a need of strong defence mechanism by the users of the virtual machine.

References:

Abdelaziz, A., Elhoseny, M., Salama, A. S., Riad, A. M., & Hassanien, A. E. (2017, September). Intelligent algorithms for optimal selection of virtual machine in cloud environment, towards enhance healthcare services. In International Conference on Advanced Intelligent Systems and Informatics(pp. 289-298). Springer, Cham.

Ahmad, R. W., Gani, A., Hamid, S. H. A., Shiraz, M., Yousafzai, A., & Xia, F. (2015). A survey on virtual machine migration and server consolidation frameworks for cloud data centers. Journal of Network and Computer Applications, 52, 11-25.

Felter, W., Ferreira, A., Rajamony, R., & Rubio, J. (2015, March). An updated performance comparison of virtual machines and linux containers. In Performance Analysis of Systems and Software (ISPASS), 2015 IEEE International Symposium On (pp. 171-172). IEEE.

Han, G., Que, W., Jia, G., & Shu, L. (2016). An efficient virtual machine consolidation scheme for multimedia cloud computing. Sensors, 16(2), 246.

Kumar, N., Zeadally, S., Chilamkurti, N., & Vinel, A. (2015). Performance analysis of Bayesian coalition game-based energy-aware virtual machine migration in vehicular mobile cloud. IEEE Network, 29(2), 62-69.

Levchenko, R., & Cardoso, E. A. (2018). System Center 2016 Virtual Machine Manager Cookbook-: Design, configure, and manage an efficient virtual infrastructure with VMM in System Center 2016.

Masdari, M., Nabavi, S. S., & Ahmadi, V. (2016). An overview of virtual machine placement schemes in cloud computing. Journal of Network and Computer Applications, 66, 106-127.

Mayoral, A., Vilalta, R., Muñoz, R., Casellas, R., & Martinez, R. (2015, March). Experimental seamless virtual machine migration using an integrated SDN IT and network orchestrator. In Optical Fiber Communications Conference and Exhibition (OFC), 2015 (pp. 1-3). IEEE.

Rehman, A., Alqahtani, S., Altameem, A., & Saba, T. (2014). Virtual machine security challenges: case studies. International Journal of Machine Learning and Cybernetics, 5(5), 729-742.

Sharma, A., Ahmad, A. R., Singh, D., & Patni, J. C. (2016, October). CloudBox—A virtual machine manager for KVM based virtual machines. In Next Generation Computing Technologies (NGCT), 2016 2nd International Conference on(pp. 588-594). IEEE.

Tang, M., & Pan, S. (2015). A hybrid genetic algorithm for the energy-efficient virtual machine placement problem in data centers. Neural Processing Letters, 41(2), 211-221.

Yang, C. T., Liu, J. C., Hsu, C. H., & Chou, W. L. (2014). On improvement of cloud virtual machine availability with virtualization fault tolerance mechanism. The Journal of Supercomputing, 69(3), 1103-1122.