Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds by Thomas Ristenpart et al. defended by Ning Xia & Najim Yaqubie Outline 1. Cloud Computing and Threat Model (Najim) 2. Amazon EC2 Service, Network Probing (Ning) 3. Attacking Tasks: 1.Cloud Cartography (Najim) 2.Co-residence Checks (Najim) 3.VM Placement (Ning) 4.Information Leakage (Ning) 4. Conclusions (Najim) The problem with Cloud Computing Originally, servers were hosted by individual companies and maintained on separate and (hopefully) secure hardware. Public clouds allow multi-tenancy: Multiple independent users share the same physical infrastructure: multiplexing virtual machines of potentially malicious users on the same server. Threat Model Traditional threat is a remote exploitation of vulnerabilities in software, whereas clouds allow attackers to act as legitimate clients of the third-party cloud. Major Threat: Potentially malicious and adversarial instances can run on the same physical resources as a victim instance. Thus, those resources (CPU caches, DRAM memory bus, CPU pipelines, etc.) can be manipulated to compromise information. Exploring Information Leakage in ThirdParty Compute Clouds Difficulties/Tasks for the attacker: 1. Need to find out where the target VM is located 2. Need to be co-resident with the target 3. Need to compromise valuable information from the target What we do: 1. Explore how to map the cloud and understand instance creation parameters to establish co-residency 2. Actual attack on current-day third-party popular Amazon EC2 service to highlight relevancy 3. Experienced 40% success in co-residency with target VM Threat Model - Questions 1. Can one determine where in the cloud infrastructure an instance is located? o We first show how to map the cloud 2. Can one easily determine if two instances are co-resident on the same physical machine? o We implement co-residence checks 3. Can an adversary launch instances that will be co-resident with other user's instances? o Launch waves of probe VMs for VM placement 4. Can an adversary exploit cross-VM information leakage once co-resident? o We highlight cross-VM information leakage The Amazon Elastic Compute Cloud (EC2) • Services Provided by EC2 o o EC2 allows users to rent virtual computers on which to run their own computer applications. EC2 allows scalable deployment of applications by providing a Web service. User can boot an Amazon Machine Image to create a virtual machine, which Amazon calls an "instance", containing any software desired. • EC2 crashed on April 21 o Victims: Foursquare, Quora, Heroku The Amazon Elastic Compute Cloud (EC2) • A privileged virtual machine, called Domain0, is used to manage • guest images, physical resource provisioning, and access control rights. It routes packages and reports itself as a first hop. • • 2 regions (United States and Europe), each have 3 availability zones, 5 Linux instance types • • Instances have a one-to-one mapping of internal IP addresses and external IP addresses, which are static Example: External IP: 75.101.210.100 Name: ex2-75-101-210-100.compute-1.amazonaws.com Internal IP: 10.252.146.52 Name: domU-12-31-38-00-8D-C6.compute-1.internal Network Probing tools We use Nmap, hping, and wget for probing o Nmap (Network Mapper) is a security scanner used to discover hosts and services on a computer network, thus creating a "map" of the network. To accomplish its goal, Nmap sends specially crafted packets to the target host and then analyzes the responses. o hping is a packet generator and analyzer for the TCP/IP protocol. Hping is one of the de facto tools for security auditing and testing of firewalls and networks. o Wget is a computer program that retrieves content from web servers. It supports downloading via HTTP, HTTPS, and FTP protocols, the most popular TCP/IP-based protocols used for web browsing. Each tool is free and easy to use. Question 1 - Mapping the Cloud Hypothesis: Different availability zones correspond to different statically defined internal IP addresses and may also correspond to instance types. Disclaimer: We limited our scope to public servers on Amazon EC2. Highlighting legal, ethical and contractual obligations, we targeted publicly facing ports (80 - HTTP, 443 HTTPS) under the assumption that providing a service designed to be accessed by the public is an implicit authorization to do so. We utilized WHOIS queries on 57,344 IP addresses and narrowed down to 14045 unique internal IPs (after probes to port 80 and 443, and appropriate DNS lookup inside EC2). Question 1 - Mapping the Cloud Figure 1: Plot of internal IPs against zones Result: Different availability zones correspond to different statically defined internal IP address ranges. Question 1 - Mapping the Cloud Figure 2: Plot of internal IPs in Zone 3 against instance types Result: Same instance types correspond loosely with similar IP address range regions. Question 2: Determining Co-Residence Network-based co-resident checks: instances are likely coresident if they have: o matching Dom0 IP address, o small packet round-trip times, or o numerically close internal IP addresses (e.g. within 7) These checks do not require that both instances are under our control and from an experiment using a hard-disk-based covert channel, since both instances must be co-resident to send messages over a cross-VM covert channel. Conclusion of test: Effective false positive rate of ZERO for the co-resident checks. Question 3: Probe VM Placement Key Amazon EC2 observations: 1. A single account never has more than one instance running on the same physical machine (this might be an issue..) 2. Strong placement locality. When 2 instances run sequentially or concurrently, most likely on the same machine. 3. Amazon balances load across running machines. A bias for placement on machines with fewer instances. We concentrate on m1.small instances because they are most popular with EC2 and can run up to 4 instances on one machine. We have achieved similar co-residence with c1.medium, and m1.large, though m1.xlarge and c1.xlarge instance types encompasses entire machines. But no co-residence was ever observed for m1.xlarge and c1.xlarge instances. Question 3: Probe VM Placement Strategy 1: Brute-forcing placement Attacker determines victim set and their respective IP ranges based on zone and type, then repeatedly runs probe instances. Not really all to clever, but achieves a success rate of 8.4% (141 victim servers of 1686 target victims). This shows that even a very naive attack strategy can successfully achieve co-residency with a target instance (over a large target set, limits relevancy) Question 3: Probe VM Placement Strategy 2: Abusing Placement Locality Attacker engages in instance flooding in the appropriate availability zone and of the appropriate instance type immediately following launch of instance. Achieves a success rate of 40% Why? Cloud computing allows dynamic resource allocation, thus, the nature provides environment for servers to be terminated when not used, then run again later when need. Also, an attacker may be able to trigger new instances due to the use of auto-scaling systems due to increased load. Question 3: Probe VM Placement Figure 3: Effects of time lag between victim and probe launch Result: The window of opportunity is large to afford coresidency and multiple 3-way collisions (2 attackers, 1 victim) Placement locality has a strong impact. Question 4: Information Leakage Co-Residency affords the ability to: 1. Denial of Service 2. Estimate victim's work load 1.Cache 2.Network Traffic 3. Extract cryptographic keys via cache-based side channels. 4. Other cross-VM attacks Conclusion We have successfully shown that: • Public clouds can be successfully mapped using simple networking probing tools • Demonstrated the possibility of targeted co-residency • Highlighted many security holes presented once an attacking instance is successfully a co-resident of a victim Take-Home Points A blogger, William Vambenepe also went after disk blocks and memory after reading this paper. By using a Foremost (console program to recover files based on their headers, footers, and internal data structures), he was able to extract more than 23,000 files. (example shown at: stage.vambenepe.com/archives/922) This paper has since been cited over 121 times, of which subsequent recent papers have been cited over 140 times collectively. We hoped that this research would illuminate some of the security issues inherent in third-party compute clouds and would spur research and necessary security approaches to mitigate the clear risk. Thank You!