Cloud aid - auxílio à prevenção de ataques de canal lateral na nuvem

Abstract

The market of cloud-based technologies has been greatly expanded in this current decade. The propagation of this business and technology model has been providing flexibility in services to its users, mainly in financial costs and computational needs. At the same time, unsolved security breaches like Side Channel Attacks (SCA) imply security threats for the ones that make use of these services. This way, several techniques has been proposed for mitigating this risk, but few of them make use of virtual machine instantiation analysis in Infrastructure as a Service. Even among those which does, the adaptive analysis of instantiation behaviour still seem barely explored. This way, this work presents the development of a security tool with possibility of integration with IaaS controllers through a REST API. This methodology actuates analysing virtual machine instantiation patterns with the objective of preventing the attack during the elaboration of its prerequisite. In order to do that, support vector machines are used to generate a predictor model. Tests using Google Cluster Trace dataset show good quality of the generated model and the viability of detecting possible indications of SCA.