Cloudoscopy: Services discovery and topology mapping

Amir Herzberg, Haya Shulman, Johanna Ullrich, Edgar Weippl

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

19 Scopus citations

Abstract

We define and study cloudoscopy, i.e., exposing sensitive information about the location of (victim) cloud services and/or about the internal organisation of the cloud network, in spite of location-hiding efforts by cloud providers. A typical cloudoscopy attack is composed of a number of steps: first expose the internal IP address of a victim instance, then measure its hop-count distance from adversarial cloud instances, and finally test to find a specific instance which is close enough to the victim (e.g., co-resident) to allow (denial of service or side-channel) attacks. We refer to the three steps/modules involved in such a cloudoscopy attack by the terms IP address deanonymisation, hop-count measuring, and co-residence testing. We present specific methods for these three cloudoscopy modules, and report on results of our experimental validation on popular cloud platform providers. Our techniques can be used for attacking (victim) servers, as well as for benign goals, e.g., optimisation of instance placement and communication, or comparing clouds and validating cloud-provider placement guarantees.

Original language: English
Title of host publication: CCSW 2013 - Proceedings of the 2013 ACM Cloud Computing Security Workshop, Co-located with CCS 2013
Pages: 113-122
Number of pages: 10
State: Published - 2013
Event: 2013 ACM Cloud Computing Security Workshop, CCSW 2013 - Co-located with the 20th ACM Conference on Computer and Communications Security, CCS 2013 - Berlin, Germany
Duration: 8 Nov 2013 → 8 Nov 2013

Publication series

Name: Proceedings of the ACM Conference on Computer and Communications Security
ISSN (Print): 1543-7221

Conference

Conference: 2013 ACM Cloud Computing Security Workshop, CCSW 2013 - Co-located with the 20th ACM Conference on Computer and Communications Security, CCS 2013
Country/Territory: Germany
City: Berlin
Period: 8/11/13 → 8/11/13

Keywords

  • cloud mapping
  • cloud security
  • cloud tomography
  • low rate attacks
  • socket overloading
