Formal Analysis of Sneak-Peek: A Data-Centre Attack and its Mitigations

Wei Chen, Yuhui Lin, Vashti Galpin, Vivek Nigam, Myungjin Lee, David Aspinall

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract / Description of output

Attackers can exploit covert channels, such as timing side-channels, to transmit information without data owners or network administrators being aware. Sneak-Peek is a recently considered data centre attack, where, in a multi-tenant setting, an insider attacker can communicate with colluding outsiders by intentionally adding delays to traffic on logically isolated but physically shared links. Timing attack mitigations typically introduce delays or randomness which can make it difficult to understand the trade-off between level of security (bandwidth of the covert channel) and performance loss. We demonstrate that formal methods can help. We analyse the impacts of two Sneak-Peek mitigations, namely, noise addition and path hopping. We provide a precise mathematical model of the attack and of the effectiveness of these defences. This mathematical analysis is extended by two tool-based stochastic formal models, one formalised in UPPAAL and the other in CARMA. The formal models can capture more general and larger networks than a paper-based analysis, can be used to check properties and make measurements, and are more easily modifiable than conventional network simulations. With UPPAAL, we can analyse the effectiveness of mitigations and with CARMA, we can analyse how these mitigations affect latencies in typical data centre topologies. As results, we show that using a selective strategy for path hopping is better than a random strategy, that using the two defences in conjunction may actually be worse than using a single defence, and we show the connection between hop frequency and network latency.
Original language: English
Title of host publication: 33rd International Conference on Information Security and Privacy Protection (IFIP SEC 2018)
Place of Publication: Poznan, Poland
Publisher: Springer
Pages: 307-322
Number of pages: 16
ISBN (Electronic): 9783319998282
ISBN (Print): 9783319998275
Publication status: Published - 2018
Event: 33rd IFIP TC-11 SEC 2018 International Conference on Information Security and Privacy Protection (IFIPSEC 2018) - Poznań, Poland
Duration: 18 Sept 2018 to 20 Sept 2018
http://ifipsec2018.pwr.edu.pl/index.php

Publication series

Name: IFIP Advances in Information and Communication Technology (IFIPAICT)
Publisher: Springer, Cham
Volume: 529
ISSN (Print): 1868-4238
ISSN (Electronic): 1868-422X

Conference

Conference: 33rd IFIP TC-11 SEC 2018 International Conference on Information Security and Privacy Protection (IFIPSEC 2018)
Abbreviated title: IFIPSEC 2018
Country/Territory: Poland
City: Poznań
Period: 18/09/18 to 20/09/18