October 17, 2016
Soo-Jin Moon, a Ph.D. student in the department of Electrical and Computer Engineering, and Vyas Sekar, a professor of Electrical and Computer Engineering, just won the NSA’s Best Scientific Cybersecurity Paper Competition with their paper, “Nomad: Mitigating Arbitrary Cloud Side Channels via Provider-Assisted Migration.” The researchers were chosen as winners from a pool of 54 total nominations and are invited to be recognized and present their work at NSA on November 2nd.
“I was very surprised and happy to hear that our work was recognized with the experts at the NSA and the community,” Moon said. “I hope to continue to do good work.”
Moon’s paper was also recognized last year for placing 2nd overall in NYU’s 2015 Cyber Security Awareness Week (CSAW) Applied Research Competition. Moon and Sekar co-authored the paper with Computer Science professor Michael Reiter from the University of North Carolina at Chapel Hill.
The paper proposes a new system, known as “Nomad,” to mitigate attacks between virtual machines (VMs) on cloud servers, known as “co-residency side-channel attacks.” By monitoring the use of resources on a server, such as hardware cache or memory, a malicious client may be able to infer information about another client’s VM residing on the same server.
“This type of monitoring gives enough power to an attacker to deduce private information from other clients, just from sharing the same resources,” Moon explained.
The solution that Moon and her co-authors recommends in the paper is to carefully move client VMs to other cloud servers every so often to limit the information being leaked due to presence of other VMs, rather than eliminate co-residency altogether.
“To this end, we envision cloud providers offering a migration-as-a-service to their clients to mitigate co-residency side channels,” Moon said. “In this sense, our system, Nomad, can be viewed as an application of the ‘moving target’ defense philosophy.”
This solution, the authors claim, has two big advantages. First, it can be applied to a large range of attacks. Secondly, the solution requires no changes to the cloud provider’s hardware and client applications, making the solution easily deployable.
See all CyLab News articles