SlideShare una empresa de Scribd logo
1 de 25
Security and Privacy in Cloud Computing,[object Object],Ragib HasanJohns Hopkins Universityen.600.412 Spring 2010,[object Object],Lecture 3,[object Object],02/15/2010,[object Object]
Mapping/topology Attacks,[object Object],2/15/2010,[object Object],Lecture Goal,[object Object],[object Object]
Discuss different techniques and mitigation strategies
Analyze the practicality and impactReading: ,[object Object],Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds, Ristenpart et al., CCS 2009,[object Object],en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan,[object Object],2,[object Object]
Why Cloud Computing brings new threats?,[object Object],Traditional system security mostly means keeping bad guys out ,[object Object],The attacker needs to either compromise the auth/access control system, or impersonate existing users,[object Object],2/15/2010,[object Object],en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan,[object Object],3,[object Object]
Why Cloud Computing brings new threats?,[object Object],But clouds allow co-tenancy : ,[object Object],Multiple independent users share the same physical infrastructure,[object Object],So, an attacker can legitimately be in the same physical machine as the target,[object Object],2/15/2010,[object Object],en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan,[object Object],4,[object Object]
Challenges for the attacker,[object Object],How to find out where the target is located,[object Object],How to be co-located with the target in the same (physical) machine,[object Object],How to gather information about the target,[object Object],2/15/2010,[object Object],en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan,[object Object],5,[object Object]
Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds, Ristenpart et al., CCS 2009,[object Object],First work on cloud cartography,[object Object],Attack launched against commercially available “real” cloud (Amazon EC2),[object Object],Claims up to 40% success in co-residence with target VM,[object Object],2/15/2010,[object Object],en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan,[object Object],6,[object Object]
Strategy,[object Object],Map the cloud infrastructure to find where the target is located,[object Object],Use various heuristics to determine co-residency of two VMs,[object Object],Launch probe VMs trying to be co-resident with target VMs,[object Object],Exploit cross-VM leakage to gather info about target,[object Object],2/15/2010,[object Object],en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan,[object Object],7,[object Object]
Threat model,[object Object],Attacker model,[object Object],Cloud infrastructure provider is trustworthy,[object Object],Cloud insiders are trustworthy,[object Object],Attacker is a malicious third party who can legitimately the cloud provider as a client,[object Object],Assets,[object Object],Confidentiality aware services run on cloud,[object Object],Availability of services run on cloud,[object Object],2/15/2010,[object Object],en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan,[object Object],8,[object Object]
Tools of the trade,[object Object],Nmap, hping, wget for network probing,[object Object],Amazon EC2’s own DNS to map dns names to IPs,[object Object],2/15/2010,[object Object],en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan,[object Object],9,[object Object]
Sidenote: EC2 configuration,[object Object],EC2 uses Xen, with up to 8 instances per physical machine,[object Object],2/15/2010,[object Object],en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan,[object Object],10,[object Object],Dom0 is the first instance on the machine, connected to physical adapter,[object Object],All other instances route to external world via dom0,[object Object],[Figures from Xen Wiki],[object Object]
Task 1: Mapping the cloud,[object Object],Reverse engineering the VM placement schemes provides useful heuristics about EC2’s strategy,[object Object],2/15/2010,[object Object],en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan,[object Object],11,[object Object],Different availability zones use different IP regions.,[object Object],Each instance has one internal IP and one external IP. Both are static.,[object Object],For example:,[object Object],    External IP: 75.101.210.100,[object Object],    External Name: ec2-75-101-210-100.computer-1.amazonaws.com,[object Object],Internal IP: 10.252.146.52,[object Object],    Internal Name: domU-12-31-38-00-8D-C6.computer-1.internal,[object Object]
Task 1: Mapping the Cloud ,[object Object],2/15/2010,[object Object],en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan,[object Object],12,[object Object],Finding: same instance type within the same zone= similar IP regions,[object Object],Reverse engineered mapping decision heuristic:,[object Object],    A /24 inherits any included sampled instance type.,[object Object],    A /24 containing a Dom0 IP address only contains Dom0 IP address.,[object Object],    All /24’s between two consecutive Dom0 /24’s inherit the former’s associated type.,[object Object]
Task #2: Determining co-residence,[object Object],Co-residence: Check to determine if a given VM is placed in the same physical machine as another VM,[object Object],Network based check:,[object Object],Match Dom0 IP addresses, check packet RTT, close IP addresses (within 7, since each machine has 8 VMs at most),[object Object],Traceroute provides Dom0 of target,[object Object],No false positives found during experiments,[object Object],2/15/2010,[object Object],en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan,[object Object],13,[object Object]
Task #3: Making a probe VM co-resident with target VM,[object Object],Brute force scheme,[object Object],Idea: figure out target’s availability zone and type,[object Object],Launch many probe instances in the same area,[object Object],Success rate: 8.4%,[object Object],2/15/2010,[object Object],en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan,[object Object],14,[object Object]
Task #3: Making a probe VM co-resident with target VM,[object Object],Smarter strategy: utilize locality,[object Object],Idea: VM instances launched right after target are likely to be co-resident with the target,[object Object],Paper claims 40% success rate,[object Object],2/15/2010,[object Object],en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan,[object Object],15,[object Object]
Task #3: Making a probe VM co-resident with target VM,[object Object],2/15/2010,[object Object],en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan,[object Object],16,[object Object],Window of opportunity is quite large, measured in days,[object Object]
Task #4: Gather leaked information,[object Object],Now that the VM is co-resident with target, what can it do?,[object Object],Gather information via side channels,[object Object],Perform DoS,[object Object],2/15/2010,[object Object],en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan,[object Object],17,[object Object]
Task 4.1: Gathering information,[object Object],If VM’s are separated and secure, the best the attacker can do is to gather information,[object Object],Measure latency of cache loads,[object Object],Use that to determine,[object Object],Co-residence,[object Object],Traffic rates,[object Object],Keystroke timing,[object Object],2/15/2010,[object Object],en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan,[object Object],18,[object Object]
Mitigation strategies #1: Mapping,[object Object],Use a randomized scheme to allocate IP addresses,[object Object],Block some tools (nmap, traceroute),[object Object],2/15/2010,[object Object],en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan,[object Object],19,[object Object]
Mitigation strategies #2: Co-residence checks,[object Object],Prevent traceroute (i.e., prevent identification of dom0),[object Object],2/15/2010,[object Object],en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan,[object Object],20,[object Object]
Mitigation strategies #3: Co-location,[object Object],Not allow co-residence at all,[object Object],Beneficial for cloud user,[object Object],Not efficient for cloud provider,[object Object],2/15/2010,[object Object],en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan,[object Object],21,[object Object]
Mitigation strategies #4: Information leakage,[object Object],Prevent cache load attacks?,[object Object],2/15/2010,[object Object],en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan,[object Object],22,[object Object]
Discussion,[object Object],How is the problem different from other attacks?,[object Object],What’s so special about clouds?,[object Object],2/15/2010,[object Object],en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan,[object Object],23,[object Object]

Más contenido relacionado

Similar a 600.412.Lecture03

600.412.Lecture02
600.412.Lecture02600.412.Lecture02
600.412.Lecture02ragibhasan
 
600.412.Lecture05
600.412.Lecture05600.412.Lecture05
600.412.Lecture05ragibhasan
 
Hey, you, get off of my cloud exploring information leakage in third party c...
Hey, you, get off of my cloud  exploring information leakage in third party c...Hey, you, get off of my cloud  exploring information leakage in third party c...
Hey, you, get off of my cloud exploring information leakage in third party c...Fahad Ameen
 
A Collaborative Intrusion Detection System for Cloud Computing
A Collaborative Intrusion Detection System for Cloud ComputingA Collaborative Intrusion Detection System for Cloud Computing
A Collaborative Intrusion Detection System for Cloud Computingijsrd.com
 
Ijsrdv1 i4019
Ijsrdv1 i4019Ijsrdv1 i4019
Ijsrdv1 i4019ijsrd.com
 
Formative Task 3: Social Engineering Attacks
Formative Task 3: Social Engineering AttacksFormative Task 3: Social Engineering Attacks
Formative Task 3: Social Engineering AttacksDamaineFranklinMScBE
 
Protecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperProtecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperShakas Technologies
 
Protecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperProtecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperShakas Technologies
 
Paper id 41201622
Paper id 41201622Paper id 41201622
Paper id 41201622IJRAT
 
The EternalBlue Exploit: how it works and affects systems
The EternalBlue Exploit: how it works and affects systemsThe EternalBlue Exploit: how it works and affects systems
The EternalBlue Exploit: how it works and affects systemsAndrea Bissoli
 
DDOS DETECTION IN SOFTWARE-DEFINED NETWORK (SDN) USING MACHINE LEARNING
DDOS DETECTION IN SOFTWARE-DEFINED NETWORK (SDN) USING MACHINE LEARNINGDDOS DETECTION IN SOFTWARE-DEFINED NETWORK (SDN) USING MACHINE LEARNING
DDOS DETECTION IN SOFTWARE-DEFINED NETWORK (SDN) USING MACHINE LEARNINGIJCI JOURNAL
 
Cloud computing and utility computing
Cloud computing and utility computingCloud computing and utility computing
Cloud computing and utility computingasmita tarar
 
DDoS Attack Detection on Internet o Things using Unsupervised Algorithms
DDoS Attack Detection on Internet o Things using Unsupervised AlgorithmsDDoS Attack Detection on Internet o Things using Unsupervised Algorithms
DDoS Attack Detection on Internet o Things using Unsupervised Algorithmsijfls
 
DDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMS
DDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMSDDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMS
DDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMSijfls
 
A Survey: DDOS Attack on Internet of Things
A Survey: DDOS Attack on Internet of ThingsA Survey: DDOS Attack on Internet of Things
A Survey: DDOS Attack on Internet of ThingsIJERD Editor
 
DATA SECURITY IN CLOUD USING BLOWFISH ALGORITHM
DATA SECURITY IN CLOUD USING BLOWFISH ALGORITHMDATA SECURITY IN CLOUD USING BLOWFISH ALGORITHM
DATA SECURITY IN CLOUD USING BLOWFISH ALGORITHMijsrd.com
 

Similar a 600.412.Lecture03 (20)

600.412.Lecture02
600.412.Lecture02600.412.Lecture02
600.412.Lecture02
 
600.412.Lecture05
600.412.Lecture05600.412.Lecture05
600.412.Lecture05
 
6620handout4o
6620handout4o6620handout4o
6620handout4o
 
Hey, you, get off of my cloud exploring information leakage in third party c...
Hey, you, get off of my cloud  exploring information leakage in third party c...Hey, you, get off of my cloud  exploring information leakage in third party c...
Hey, you, get off of my cloud exploring information leakage in third party c...
 
A Collaborative Intrusion Detection System for Cloud Computing
A Collaborative Intrusion Detection System for Cloud ComputingA Collaborative Intrusion Detection System for Cloud Computing
A Collaborative Intrusion Detection System for Cloud Computing
 
Ijsrdv1 i4019
Ijsrdv1 i4019Ijsrdv1 i4019
Ijsrdv1 i4019
 
G017424448
G017424448G017424448
G017424448
 
Formative Task 3: Social Engineering Attacks
Formative Task 3: Social Engineering AttacksFormative Task 3: Social Engineering Attacks
Formative Task 3: Social Engineering Attacks
 
Protecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperProtecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropper
 
Protecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropperProtecting location privacy in sensor networks against a global eavesdropper
Protecting location privacy in sensor networks against a global eavesdropper
 
Paper id 41201622
Paper id 41201622Paper id 41201622
Paper id 41201622
 
6620handout4t
6620handout4t6620handout4t
6620handout4t
 
The EternalBlue Exploit: how it works and affects systems
The EternalBlue Exploit: how it works and affects systemsThe EternalBlue Exploit: how it works and affects systems
The EternalBlue Exploit: how it works and affects systems
 
DDOS DETECTION IN SOFTWARE-DEFINED NETWORK (SDN) USING MACHINE LEARNING
DDOS DETECTION IN SOFTWARE-DEFINED NETWORK (SDN) USING MACHINE LEARNINGDDOS DETECTION IN SOFTWARE-DEFINED NETWORK (SDN) USING MACHINE LEARNING
DDOS DETECTION IN SOFTWARE-DEFINED NETWORK (SDN) USING MACHINE LEARNING
 
Cloud computing and utility computing
Cloud computing and utility computingCloud computing and utility computing
Cloud computing and utility computing
 
DDoS Attack Detection on Internet o Things using Unsupervised Algorithms
DDoS Attack Detection on Internet o Things using Unsupervised AlgorithmsDDoS Attack Detection on Internet o Things using Unsupervised Algorithms
DDoS Attack Detection on Internet o Things using Unsupervised Algorithms
 
DDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMS
DDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMSDDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMS
DDOS ATTACK DETECTION ON INTERNET OF THINGS USING UNSUPERVISED ALGORITHMS
 
A Survey: DDOS Attack on Internet of Things
A Survey: DDOS Attack on Internet of ThingsA Survey: DDOS Attack on Internet of Things
A Survey: DDOS Attack on Internet of Things
 
DATA SECURITY IN CLOUD USING BLOWFISH ALGORITHM
DATA SECURITY IN CLOUD USING BLOWFISH ALGORITHMDATA SECURITY IN CLOUD USING BLOWFISH ALGORITHM
DATA SECURITY IN CLOUD USING BLOWFISH ALGORITHM
 
Project
ProjectProject
Project
 

Más de ragibhasan

Dw bobs-shikkhok
Dw bobs-shikkhokDw bobs-shikkhok
Dw bobs-shikkhokragibhasan
 
Security and Privacy in Cloud Computing - a High-level view
Security and Privacy in Cloud Computing - a High-level viewSecurity and Privacy in Cloud Computing - a High-level view
Security and Privacy in Cloud Computing - a High-level viewragibhasan
 
600.412.Lecture07
600.412.Lecture07600.412.Lecture07
600.412.Lecture07ragibhasan
 
600.412.Lecture06
600.412.Lecture06600.412.Lecture06
600.412.Lecture06ragibhasan
 
600.412.Lecture08
600.412.Lecture08600.412.Lecture08
600.412.Lecture08ragibhasan
 
Fake Picassos, Tampered History, and Digital Forgery: Protecting the Genealog...
Fake Picassos, Tampered History, and Digital Forgery: Protecting the Genealog...Fake Picassos, Tampered History, and Digital Forgery: Protecting the Genealog...
Fake Picassos, Tampered History, and Digital Forgery: Protecting the Genealog...ragibhasan
 
Lecture01: Introduction to Security and Privacy in Cloud Computing
Lecture01: Introduction to Security and Privacy in Cloud ComputingLecture01: Introduction to Security and Privacy in Cloud Computing
Lecture01: Introduction to Security and Privacy in Cloud Computingragibhasan
 

Más de ragibhasan (7)

Dw bobs-shikkhok
Dw bobs-shikkhokDw bobs-shikkhok
Dw bobs-shikkhok
 
Security and Privacy in Cloud Computing - a High-level view
Security and Privacy in Cloud Computing - a High-level viewSecurity and Privacy in Cloud Computing - a High-level view
Security and Privacy in Cloud Computing - a High-level view
 
600.412.Lecture07
600.412.Lecture07600.412.Lecture07
600.412.Lecture07
 
600.412.Lecture06
600.412.Lecture06600.412.Lecture06
600.412.Lecture06
 
600.412.Lecture08
600.412.Lecture08600.412.Lecture08
600.412.Lecture08
 
Fake Picassos, Tampered History, and Digital Forgery: Protecting the Genealog...
Fake Picassos, Tampered History, and Digital Forgery: Protecting the Genealog...Fake Picassos, Tampered History, and Digital Forgery: Protecting the Genealog...
Fake Picassos, Tampered History, and Digital Forgery: Protecting the Genealog...
 
Lecture01: Introduction to Security and Privacy in Cloud Computing
Lecture01: Introduction to Security and Privacy in Cloud ComputingLecture01: Introduction to Security and Privacy in Cloud Computing
Lecture01: Introduction to Security and Privacy in Cloud Computing
 

600.412.Lecture03

  • 1.
  • 2.
  • 3. Discuss different techniques and mitigation strategies
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
  • 24.
  • 25.
  • 26.
  • 27.