Abstract
Third-party Cloud Computing, Amazon's Elastic Compute Cloud (EC2) for instance, provides Infrastructure as a Service (IaaS) solutions that pack multiple customer virtual machines (VMs) onto the same physical server with hardware virtualization technology. Xen is widely used in virtualization which charges VMs by wall clock time rather than resources consumed. Under this model, manipulation of the scheduler vulnerability may allow theft-of-service at the expense of other customers. Recent research has shown that attacker's VM can consume more CPU time than fair share on Amazon EC2 in that Xen 3.x default Credit Scheduler's resolution was rather coarse. Although considerable changes have been made in Xen 4.x Credit Scheduler to improve the performance in case of such stealing attacks, we've found another alternative attack called Time-Stealer which can obtain up to 96.6% CPU cycles stealthily under some circumstances on XenServer6.0.2 platform by analyzing the source code thoroughly. Detection methods using benchmarks as well as a series of countermeasures are proposed and experimental results have demonstrated the effectiveness of these defense techniques.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
