1 / 9

Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds By

Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds By Thomas Ristenpart Eran Tromer Hovav Shacham Stefan Savage Presented by Clint Sbisa Ionut Trestian. Amazon specific.

xena
Télécharger la présentation

Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds By

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds By Thomas Ristenpart Eran Tromer Hovav Shacham Stefan Savage Presented by Clint Sbisa Ionut Trestian

  2. Amazon specific • Only shows that the mapping, etc. works on Amazon EC2, and says that it generalizes to Azure, etc.-- but does not show this • Example (Google Cloud Service) • Single process, no long running queries, no local file access, no network access • The delivery vehicle is the web browser. The data that is created goes right into big table.

  3. Amazon specific • The attacks depend on Amazon offering services • Determining the internal IP address associated to a service – traceroute not so precise • How does the accuracy of mapping change with an increase in the number of zones • Can attack only 'small' instances as shown in paper

  4. Amazon specific • Provider can implement better monitoring and scaling mechanisms • Cloud provider can monitor CPU/network usage of collocated VMs and make sure a single one doesn't hog a resource • Many different types of applications run on EC2-- paper focuses only on web services/applications

  5. Error-prone • Co-residency checks (over covert channels) relies entirely on only two active VMs, which might lead to errors with more than two • Many other methods outlined in the paper are also very vulnerable to noise

  6. Targeting methods • Paper assumes VMs are running web services, etc.-- focused attack methods (based on recently launched VMs) will not work on services they cannot access easily (or at all)

  7. Cost • Shows nothing about the cost of running such attacks • Running so many instances of VMs with hourly billing, network usage, etc. might add up in price • Low accuracy of method makes for a higher price, simple changes by Amazon (acknowledged in the paper) can increase the price even higher

  8. Attacks - exaggerated • Estimating traffic rates • Requesting 3 megabytes text files, what web pages are that big? • Web sites are usually much more complex, not single large files • Keystroke timing attack • Completely idle? Demonstration not on EC2 instances • When do you know when someone is using SSH?

  9. Thank you !

More Related