Implementation and Mitigation of Covert Channels in Cloud Computing Services

  • Hermine HOVHANNISYAN

Student thesis: Doctoral Thesis

Abstract

Cloud computing is a promising technology for reducing costs, which explains the recent exponential growth in cloud service offerings. However, the popularity and wide usage of cloud services has drawn corresponding attention to security issues such as covert channels. Covert channels establish hidden communication for the purpose of exchanging sensitive data, which violates the confidentiality of cloud services. To enhance the security of cyber systems, the identification and elimination of covert channels is an emerging yet challenging task for cloud companies. While there are many studies on covert channel investigation and mitigation, most of them present particular channels in specific scenarios.

The purpose of this thesis is to give a complete state-of-the-art overview of covert channels and their mitigation methods in cloud computing services. Moreover, we design and implement covert channels in virtualized environments and provide effective solutions to mitigate some existing channels. We also present covert channel capacity estimation techniques that give a better understanding of the conditions under which covert channels exist. The contributions of this thesis are composed of three parts: investigation and classification, design and implementation, and mitigation of covert channels in cloud computing services.

We start our work by presenting a detailed investigation and evaluation of 13 types of covert channels in cloud virtualized environments. We classify covert channel mitigation schemes and discuss the most popular methods of each type. Furthermore, we benchmark each method's effectiveness and demonstrate the covert channel vulnerability or resistance of each scheme.

Secondly, we design and evaluate two types of covert channels that can exist in modern cloud computing services. The first type of covert channel we introduce in this work is an IP timing-based covert channel that can be established to send sensitive data out of a cloud network. An IP timing covert channel is a serious risk because IP is the dominant communication protocol for computer networks. However, despite the potential risks, existing IP timing covert channels seem to be of limited significance because most of them carry information through arbitrary inter-packet delays, which leads to low transmission rates and makes them easy to detect. In this work, we identify a novel IP timing covert channel that can significantly increase the transmission rate. Specifically, we propose a new framework for IP timing covert channels, whose main idea is to use the routes to carry information. Based on the framework, we present detailed designs for IP timing covert channels over TCP and UDP, in which we develop a new technique to reduce the channel error rate. To evaluate the performance of the proposed covert channels, we also implement them in realistic systems and conduct extensive experiments. The experimental results show that the proposed IP timing covert channel achieves a rate 15 times higher than existing channels with an error rate below 0.54%. This study shows that the risk of IP timing channels can be more serious than expected, which calls for more sophisticated countermeasures.

The other type of covert channel we design and evaluate in this work is a cross-user deduplication-based channel in cloud storage services. To provide cloud storage services efficiently, most providers implement data deduplication schemes so as to reduce storage and network bandwidth consumption. Due to its broad application, many security issues around data deduplication have been investigated, such as data security, user privacy and covert channels. In this work, we design a more powerful deduplication-based covert channel that can be used to transmit a complete message. Specifically, the key features of our design include: (1) a synchronization scheme that can establish a covert channel between a sender and a receiver, and (2) a novel coding scheme that allows each file to represent multiple bits of the message. To evaluate the proposed design, we implement the covert channel and conduct extensive experiments in different cloud storage systems.

Finally, we present an efficient solution to eliminate the risk of covert channels in cloud storage services. To mitigate such channels, many providers stopped using cross-user data deduplication, which leads to a huge waste of resources. In the literature there are several methods to mitigate such channels; however, most of them either suggest stopping the use of cross-user deduplication or are very costly for providers to implement. We propose a new virtual chunk-based mitigation solution that eliminates the risk of cross-user deduplication-based covert channels in cloud storage. Furthermore, our scheme allows cloud storage providers to retain their use of cross-user deduplication at a low cost. In addition, we present new techniques to minimize the overhead and delay. To evaluate our mitigation design, we conduct extensive experiments in which we simulate the behavior of a potential attacker by establishing a deduplication-based covert channel. The evaluation results demonstrate that with our method the error rate of the covert channel is as high as 60% even in the attacker's best-case scenario. This shows that it is impossible to accurately decode the covert channel; thus, we effectively mitigate the risk of cross-user deduplication-based covert channels in cloud storage systems.
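The following is an added illustration and not code from the thesis: a constructed in-memory simulation of the deduplication-based channel described above (a shared sync-token scheme plus a coding scheme in which each file carries a multi-bit symbol), together with a generic randomized decoy-upload countermeasure that stands in for the thesis's virtual chunk design, which the abstract does not detail. The token format, class and function names, and the `decoy_prob` knob are assumptions made for this example; the point it makes is how a provider-side change to the upload observable drives the receiver's symbol error rate up.

```python
import hashlib
import random

SYMBOL_BITS = 2   # coding scheme: each file position carries a 2-bit symbol (4 candidate files)

class DedupStorage:
    """Toy provider with cross-user deduplication (constructed for this example).
    upload() returns the client-visible observable: True if bytes had to be transferred."""
    def __init__(self, decoy_prob: float = 0.0, seed: int = 0):
        self.blobs = set()
        self.decoy_prob = decoy_prob      # hypothetical mitigation knob, not the thesis's scheme
        self.rng = random.Random(seed)

    def upload(self, data: bytes) -> bool:
        digest = hashlib.sha256(data).hexdigest()
        existed = digest in self.blobs
        self.blobs.add(digest)
        # Mitigation: sometimes demand a full transfer of a file that already exists, so
        # "no transfer needed" can no longer be read as "another user already has this file".
        if existed and self.rng.random() < self.decoy_prob:
            return True
        return not existed

def candidate(pos: int, symbol: int) -> bytes:
    """Sync scheme: both parties derive file contents from a shared prefix, position and symbol."""
    return f"constructed-sync-token:{pos}:{symbol}".encode()

def to_symbols(message: bytes) -> list:
    bits = "".join(f"{b:08b}" for b in message)
    return [int(bits[i:i + SYMBOL_BITS], 2) for i in range(0, len(bits), SYMBOL_BITS)]

def sender(storage: DedupStorage, message: bytes) -> None:
    for pos, sym in enumerate(to_symbols(message)):
        storage.upload(candidate(pos, sym))   # one file per symbol, chosen among 2^k candidates

def receiver(storage: DedupStorage, n_symbols: int) -> list:
    """Probe every candidate per position; the one that needs no transfer is the symbol."""
    decoded = []
    for pos in range(n_symbols):
        hits = [s for s in range(2 ** SYMBOL_BITS) if not storage.upload(candidate(pos, s))]
        decoded.append(hits[0] if len(hits) == 1 else -1)   # -1: undecodable under mitigation
    return decoded

def symbol_error_rate(decoy_prob: float, message: bytes = b"covert", trials: int = 20) -> float:
    """Fraction of wrongly or undecodably received symbols, averaged over seeded trials."""
    sent = to_symbols(message)
    errors = 0
    for trial in range(trials):
        store = DedupStorage(decoy_prob, seed=trial)
        sender(store, message)
        errors += sum(1 for a, b in zip(sent, receiver(store, len(sent))) if a != b)
    return errors / (trials * len(sent))
```

With `decoy_prob=0.0` the channel decodes perfectly; raising it makes each position undecodable with that probability, which is the kind of error-rate increase a provider would measure when evaluating a countermeasure while still deduplicating.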

Date of Award: 8 Nov 2016

Original language: English

Awarding Institution
  • City University of Hong Kong

Supervisor: Jianping WANG (Supervisor)
