Prying CoW: Inferring Secrets across Virtual Machine Boundaries
Gerald Palfinger, Bernd Prünster, Dominik Ziegler
2019
Abstract
By exploiting a side channel created by Copy-on-Write (CoW) operations of modern file systems, we present a novel attack which allows for detecting files in a shared cloud environment across virtual machine boundaries. In particular, we measure deduplication operation timings in order to probe for existing files of neighbouring virtual machines in a shared file system pool. As a result, no assumptions about the underlying hardware and no network access are necessary. To evaluate the real-world implications, we successfully demonstrate the feasibility of our attack on the ZFS file system. Our results clearly show that the presented attack enables the detection of vulnerable software or operating systems in a victim’s virtual machine on the same file system pool with high accuracy. Furthermore, we discuss several potential countermeasures and their implications.
DownloadPaper Citation
in Harvard Style
Palfinger G., Prünster B. and Ziegler D. (2019). Prying CoW: Inferring Secrets across Virtual Machine Boundaries.In Proceedings of the 16th International Joint Conference on e-Business and Telecommunications - Volume 2: SECRYPT, ISBN 978-989-758-378-0, pages 187-197. DOI: 10.5220/0007932301870197
in Bibtex Style
@conference{secrypt19,
author={Gerald Palfinger and Bernd Prünster and Dominik Ziegler},
title={Prying CoW: Inferring Secrets across Virtual Machine Boundaries},
booktitle={Proceedings of the 16th International Joint Conference on e-Business and Telecommunications - Volume 2: SECRYPT,},
year={2019},
pages={187-197},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0007932301870197},
isbn={978-989-758-378-0},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 16th International Joint Conference on e-Business and Telecommunications - Volume 2: SECRYPT,
TI - Prying CoW: Inferring Secrets across Virtual Machine Boundaries
SN - 978-989-758-378-0
AU - Palfinger G.
AU - Prünster B.
AU - Ziegler D.
PY - 2019
SP - 187
EP - 197
DO - 10.5220/0007932301870197