Mobility

BusMonitor: A Hypervisor-Based Solution for Memory Bus Covert Channels

Free registration required

Executive Summary

Researchers continue to find side channels present in cloud infrastructure which threaten Virtual Machine (VM) isolation. Specifically, the memory bus on virtualized x86 systems has been targeted as one such channel. Due to its connection to multiple processors, ease of control, and importance to system stability the memory bus could be one of the most powerful cross-VM side channels present in a cloud environment. To ensure that this critical component cannot be misused by an attacker, the authors have developed BusMonitor, a hypervisor-based protection which prevents a malicious tenant from abusing the memory bus's operation. In this paper, they investigate the dangers of previously known and possible future memory bus based side channel attacks.

  • Format: PDF
  • Size: 174.74 KB