Cloud fingerprinting: using clock skews to determine co-location of virtual machines
| dc.contributor.advisor | Xie, Geoffrey G. | |
| dc.contributor.advisor | Kolsch, Mathias | |
| dc.contributor.author | Wasek, Christopher J. | |
| dc.date | Sep-16 | |
| dc.date.accessioned | 2016-11-02T17:18:13Z | |
| dc.date.available | 2016-11-02T17:18:13Z | |
| dc.date.issued | 2016-09 | |
| dc.identifier.uri | https://hdl.handle.net/10945/50503 | |
| dc.description.abstract | Cloud computing has quickly revolutionized computing practices of organizations, to include the Department of Defense. However, security concerns over co-location attacks have arisen from the consolidation inherent in virtualization and from physical hardware hosting virtual machines for multiple businesses and organizations. Current cloud security methods, such as Amazon's Virtual Private Cloud, have evolved defenses against most of the well-known fingerprinting and mapping methods in order to prevent malicious users from determining virtual machine co-location on the same hardware. Our solution to co-locating virtual machines unhindered was to derive their clock skews, or the temporal deviation of the system clock over time. Capturing normal TCP traffic to analyze timestamps from a virtual machine in the cloud, our results were inconclusive in demonstrating that co-located virtual machines will have similar clock skews due to large, inconsistent packet delays. Our research demonstrates a potential vulnerability in cloud defenses so that cloud users and providers can take appropriate steps to prevent malicious co-location attacks. | en_US |
| dc.description.uri | http://archive.org/details/cloudfingerprint1094550503 | |
| dc.publisher | Monterey, California: Naval Postgraduate School | en_US |
| dc.rights | This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States. | en_US |
| dc.title | Cloud fingerprinting: using clock skews to determine co-location of virtual machines | en_US |
| dc.type | Thesis | en_US |
| dc.contributor.department | Computer Science | |
| dc.subject.author | cloud | en_US |
| dc.subject.author | TCP timestamps | en_US |
| dc.subject.author | clock skews | en_US |
| dc.subject.author | side-channel attacks | en_US |
| dc.subject.author | virtual machines | en_US |
| dc.subject.author | VM co-location | en_US |
| dc.subject.author | finger-printing | en_US |
| dc.description.recognition | Outstanding Thesis | |
| dc.description.service | Lieutenant Commander, United States Navy | en_US |
| etd.thesisdegree.name | Master of Science in Computer Science | en_US |
| etd.thesisdegree.level | Masters | en_US |
| etd.thesisdegree.discipline | Computer Science | en_US |
| etd.thesisdegree.grantor | Naval Postgraduate School | en_US |
| dc.description.distributionstatement | Approved for public release; distribution is unlimited. |
Files in this item
This item appears in the following Collection(s)
-
1. Thesis and Dissertation Collection, all items
Publicly releasable NPS Theses, Dissertations, MBA Professional Reports, Joint Applied Projects, Systems Engineering Project Reports and other NPS degree-earning written works. -
2. NPS Outstanding Theses and Dissertations
Related items
Showing items related by title, author, creator and subject.
-
Free field spatialized aural cues for synthetic environments
(Monterey, California. Naval Postgraduate School, 1994-09);Commercially available spatial audio systems for synthetic environments suffer from excessive cost ~md the requirement for in-house application software development. The purpose of this work wru; to develop a low cost audio ... -
Helicopter Urban Navigation Training using virtual environments
(Monterey, California. Naval Postgraduate School, 2000-06-01);Helicopter missions are never defined as "...successful navigation to and return from a location." Navigation, in and of itself, is not the mission - it is, however, a skill that all helicopter pilots are expected to master ... -
Hyper-NPSNET: a virtual world with an integrated 3D hypertext
(Monterey, California. Naval Postgraduate School, 1992-03);This thesis proposes an extension to the NPSNET 3D virtual world prototype to provide an integrated 3D hypertext. This hypertext would be embedded into the virtual world, and would provide the capability for real-time or ...
