Adversarial Attacks Against Machine Learning-Based Resource Provisioning Systems

Abstract

Microarchitectural attacks, such as side-channel, exploit shared resources to leak sensitive information. Performing microarchitectural attacks on the cloud is possible once the attacker’s virtual machine (VM) is co-located with the victim’s VM. Hence, the co-location requirement with the victim limits the practicality of microarchitectural attacks on the cloud. In this work, we demonstrate that resource provisioning systems (RPSs) can be exploited to solve the co-location challenge of microarchitectural attacks in the cloud by deploying adversarial evasion attacks on RPSs to co-locate attackers’ VMs with victims’ VMs. Moreover, we discuss the adaptability of defense techniques proposed against adversarial attacks in the image classification domain on the RPSs.