期刊文献+

云环境下基于内存总线的侧信道攻击检测方法 被引量:1

Memory Bus Covert Channel Detection in Cloud Computing
原文传递
导出
摘要 云计算环境下存在基于内存总线阻塞的侧信道,恶意用户可利用该侧信道以最低权限窃取客户敏感信息.针对这一问题,本文引入时序差分熵和虚拟机自省技术,提出了一种面向云计算的基于内存总线的侧信道攻击检测方法.该方法不仅可依据内存阻塞时序特征及系统负载状况对系统状态分类,而且实现了系统高危态的精确判定和恶意进程定位.实验结果表明:该方法能准确识别攻击的存在性,并能实现恶意进程的定位. In cloud environments,the memory bus contention-based covert channel can be leveraged by an unprivileged adversary to effectively steal sensitive customer information in guest virtual machines.To address the problem,we propose a detection mechanism for the memory bus contention-based covert channel.In our approach,system running states are extracted with virtual machine introspection(VMI)and timing difference entropy,then classified by system load and timing features of memory contention.Classification results are utilized to recognize the system's high-risk state,and finally locate the malicious process.Experiments show that our approach is capable of detecting the presence of attacks,while also locating the malicious application as well,providing theoretical and technical support for the trusted cloud environment.
出处 《武汉大学学报(理学版)》 CAS CSCD 北大核心 2016年第5期418-424,共7页 Journal of Wuhan University:Natural Science Edition
基金 国家自然科学基金(61373169) 国家高技术研究发展(863)计划(2015AA016004) 信息保障技术重点实验室开放基金资助项目(KJ-14-110 KJ-14-101)
关键词 云安全 侧信道攻击 时序差分熵 虚拟机自省 cloud security covert channel attack entropy of timing difference virtual machine introspection
  • 相关文献

参考文献1

二级参考文献5

共引文献6

同被引文献13

引证文献1

二级引证文献4

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部