HyperDetector: detecting, isolating, and mitigating timing attacks in virtualized environments

Ünal, Musa Sadık and Javeed, Arsalan and Yılmaz, Cemal and Savaş, Erkay (2022) HyperDetector: detecting, isolating, and mitigating timing attacks in virtualized environments. In: 21st International Conference on Cryptology and Network Security (CANS 2022), Abu Dhabi, United Arab Emirates

Full text not available from this repository.

Abstract

We present a generic approach, called HyperDetector, to detect, isolate, and prevent ongoing timing-based side-channel attacks that operate by measuring the execution times of short-running operations in virtualized environments. HyperDetector, implemented at the hypervisor level, uses a hardware extension for virtualization to intercept rdtsc instructions, so that consecutive pairs of time readings that are close to each other in time can be detected. Once potentially malicious time measurements are detected, noise is introduced into the measurements to prevent the ongoing attacks, and the sequence of such measurements is analyzed at runtime using a sliding window-based approach to determine the processes involved in the attacks. In the experiments, HyperDetector detected all the malicious processes with perfect accuracy after these processes made few time measurements, reduced the success rates of the attacks from between 98%–99% to between 0%–0.5%, and did so with a runtime overhead of 1.14%.
Item Type: Papers in Conference Proceedings
Uncontrolled Keywords: Cloud security; Microarchitecture; Side-channel attacks; Timing attacks; Virtualization
Divisions: Faculty of Engineering and Natural Sciences
Depositing User: Cemal Yılmaz
Date Deposited: 07 Apr 2023 15:13
Last Modified: 07 Apr 2023 15:13
URI: https://research.sabanciuniv.edu/id/eprint/45199
