AUTOMATIC PROFILING FRAMEWORK OF CROSS-VM COVERT CHANNEL CAPACITY

摘要

Technologies are generally described for a framework to automatically estimate cross-VM covert channel rapacity for channels such as central processing unit (CPU) load, CPU L2 cache, memory bus and disk bus. In some examples, the framework may include automated parameter tuning for various cross-VM covert channels to achieve high data rate and automated capacity estimation of those cross-VM covert channels through machine learning. Shannon Entropy formulation may be applied to estimate the capacity of cross-VM covert channels established on any given cloud platform. Furthermore, the noise of a cross-VM covert channel under a specific cloud platform may be statistically modeled to eliminate the covert channel implementations which perform poorly, thereby narrowing the parameter space. A number of sample signals may be collected with their corresponding ground truth labels, and machine learning tools may be utilized to cross-validate the samples and estimate the capacity of the covert channels.

主权项

1. A method to profile cross-VM covert channel capacity, the method comprising:
collecting received signals at a receiver side for each pattern of symbols at a sender side; determining classification boundaries for the collected signals; determining probabilities of occurrence for a predefined symbol within each pattern of symbols in sent signals and the collected signals based on the classification boundaries; iteratively determining an optimal probability of occurrence for the predefined symbol within each pattern of symbols to be received by an attacker based on the probabilities of occurrence: and determining an upper boundary for the cross-VM channel capacity based on the optimal probability of occurrence.