TY - GEN
T1 - Stealth migration
T2 - 2017 IEEE Conference on Computer Communications, INFOCOM 2017
AU - Achleitner, S.
AU - Porta, T. La
AU - McDaniel, P.
AU - Krishnamurthy, S. V.
AU - Poylisher, A.
AU - Serban, C.
N1 - Publisher Copyright:
© 2017 IEEE.
PY - 2017/10/2
Y1 - 2017/10/2
N2 - Live virtual machine (VM) migration is commonly used for enabling dynamic resource or fault management, or for load balancing in datacenters or cloud platforms. A service hosted by a VM may also be migrated to prevent its visibility to an external adversary who may seek to disrupt its operation by launching a DDoS attack against it. We first show that current systems cannot adequately hide a VM migration from an external adversary. The key reason for this is that a migration typically manifests a traffic pattern with distinguishable statistical properties. We introduce two new attacks that can allow an adversary to effectively track a migration in progress, by leveraging observations of these properties. As our primary contribution, we design and implement a stealth migration framework that causes migration traffic to be indistinguishable from regular Internet traffic, with a negligible latency overhead of approximately 0.37 seconds, on average.
AB - Live virtual machine (VM) migration is commonly used for enabling dynamic resource or fault management, or for load balancing in datacenters or cloud platforms. A service hosted by a VM may also be migrated to prevent its visibility to an external adversary who may seek to disrupt its operation by launching a DDoS attack against it. We first show that current systems cannot adequately hide a VM migration from an external adversary. The key reason for this is that a migration typically manifests a traffic pattern with distinguishable statistical properties. We introduce two new attacks that can allow an adversary to effectively track a migration in progress, by leveraging observations of these properties. As our primary contribution, we design and implement a stealth migration framework that causes migration traffic to be indistinguishable from regular Internet traffic, with a negligible latency overhead of approximately 0.37 seconds, on average.
UR - http://www.scopus.com/inward/record.url?scp=85034084639&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85034084639&partnerID=8YFLogxK
U2 - 10.1109/INFOCOM.2017.8057195
DO - 10.1109/INFOCOM.2017.8057195
M3 - Conference contribution
AN - SCOPUS:85034084639
T3 - Proceedings - IEEE INFOCOM
BT - INFOCOM 2017 - IEEE Conference on Computer Communications
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 1 May 2017 through 4 May 2017
ER -