Conference papers

Formal Analysis of Sneak-Peek: A Data Centre Attack and Its Mitigations

Abstract : Attackers can exploit covert channels, such as timing side-channels, to transmit information without data owners or network administrators being aware. Sneak-Peek is a recently considered data centre attack, where, in a multi-tenant setting, an insider attacker can communicate with colluding outsiders by intentionally adding delays to traffic on logically isolated but physically shared links. Timing attack mitigations typically introduce delays or randomness, which can make it difficult to understand the trade-off between level of security (bandwidth of the covert channel) and performance loss. We demonstrate that formal methods can help. We analyse the impacts of two Sneak-Peek mitigations, namely, noise addition and path hopping. We provide a precise mathematical model of the attack and of the effectiveness of these defences. This mathematical analysis is extended by two tool-based stochastic formal models, one formalized in Uppaal and the other in Carma. The formal models can capture more general and larger networks than a paper-based analysis, can be used to check properties and make measurements, and are more easily modifiable than conventional network simulations. With Uppaal, we can analyse the effectiveness of mitigations and with Carma, we can analyse how these mitigations affect latencies in typical data centre topologies. As results, we show that using a selective strategy for path hopping is better than a random strategy, that using the two defences in conjunction may actually be worse than using a single defence, and we show the connection between hop frequency and network latency.
Document type :
Conference papers

Cited literature [24 references]

https://hal.inria.fr/hal-02023718
Contributor : Hal Ifip
Submitted on : Thursday, February 21, 2019 - 3:03:01 PM
Last modification on : Thursday, February 21, 2019 - 3:06:11 PM
Long-term archiving on : Thursday, May 23, 2019 - 12:01:29 AM

File

 Restricted access
To satisfy the distribution rights of the publisher, the document is embargoed until : 2021-01-01


Licence


Distributed under a Creative Commons Attribution 4.0 International License

Citation

Wei Chen, Yuhui Lin, Vashti Galpin, Vivek Nigam, Myungjin Lee, et al.. Formal Analysis of Sneak-Peek: A Data Centre Attack and Its Mitigations. 33th IFIP International Conference on ICT Systems Security and Privacy Protection (SEC), Sep 2018, Poznan, Poland. pp.307-322, ⟨10.1007/978-3-319-99828-2_22⟩. ⟨hal-02023718⟩
