Title :
User-Level Side Channel Attack on Workflow System in Data-Center
Author :
Jihe Wang;Meikang Qiu;Bing Guo;Yan Shen;Qiang Li
Author_Institution :
Comput. Sci. Coll., Sichuan Univ., Chengdu, China
Abstract :
Though current workflow systems, known as the major task managing tool in data-center, use UNIX-based user/group authorization mechanisms to defend unauthorized operations, the information in workflow systems, such as DAG (Directed Acyclic Graph), could be easily exposed to any user-level malicious monitor. In this paper, we propose a type of side channel attack to data-center workflow information. By this attack, the DAG of workflow systems can be stolen through monitoring basic system characteristics, such as CPU utilization, memory accessing, disk I/O, etc, which can successfully circumvents UNIX privilege checking. Also, we present a software-diversity based measurecounter to mitigate the attack.
Keywords :
"Cloud computing","Topology","Electronic mail","Security","Monitoring","Feature extraction","Computer science"
Conference_Titel :
High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conferen on Embedded Software and Systems (ICESS), 2015 IEEE 17th International Conference on
DOI :
10.1109/HPCC-CSS-ICESS.2015.257
