Exploring Virtual Machine Covert Channel via I/O Performance Interference

Abstract: The weakness of performance isolation in system virtualization leaks a time window for various kinds of attacks which can be leveraged by malicious users to threaten the security of the virtual machines (VMs) atop or construct hidden information channel. In this paper, we propose vLeaker, a practical covert timing channel built on fine-grained VM I/O performance interference, by which VMs co-resident in storage aspect can exchange the information with relatively high transmission speed and low data error rate.… Show more

“…As a result, they have been able to achieve a bandwidth of 0.1 bit/s, which is still low but a significant improvement compared with the original bandwidth. A general transmission protocol for I/O–based CCs has been proposed by Yang et al, which they use to construct a hard disk CC, achieving 125 bit/s in a laboratory environment. Elimination would be possible by having distinct volumes per VM, which is costly and reduces scalability since the space required in the future is not predictable.…”

Survey on covert channels in virtual machines and cloud computing

“…As a result, they have been able to achieve a bandwidth of 0.1 bit/s, which is still low but a significant improvement compared with the original bandwidth. A general transmission protocol for I/O–based CCs has been proposed by Yang et al, which they use to construct a hard disk CC, achieving 125 bit/s in a laboratory environment. Elimination would be possible by having distinct volumes per VM, which is costly and reduces scalability since the space required in the future is not predictable.…”

Survey on covert channels in virtual machines and cloud computing

A Generic Mitigation Framework against Cross-VM Covert Channels