Chongzhou Fang (University of California, Davis), Han Wang (University of California, Davis), Najmeh Nazari (University of California, Davis), Behnam Omidi (George Mason University), Avesta Sasan (University of California, Davis), Khaled N. Khasawneh (George Mason University), Setareh Rafatirad (University of California, Davis), Houman Homayoun (University of California, Davis)

Cloud computing paradigms have emerged as a major facility to store and process the massive data produced by various business units, public organizations, Internet-of-Things (IoT), and cyber-physical systems (CPS). To meet users' performance requirements while maximizing resource utilization to achieve cost-efficiency, cloud administrators leverage schedulers to orchestrate tasks to different physical nodes and allow applications from different users to share the same physical node. On the other hand, micro-architectural attacks, e.g, side-channel attacks, transient execution attacks, and Rowhammer attacks, exploit the shared resources to compromise the confidentiality/integrity of a co-located victim application. Since co-location is an essential requirement for micro-architectural attacks, in this work, we investigate whether attackers can exploit the cloud schedulers to satisfy the co-location requirement of the micro-architectural attacks. Specifically, in this paper, we comprehensively analyze if attackers can influence the scheduling process of cloud schedulers to co-locate with specific targeted applications in the cloud. Our analysis shows that for cloud schedulers that allow users to submit application requirements, an attacker can carefully select the attacker's application requirements to influence the scheduler to co-locate it with a targeted victim application. We call such attack textit{Rep}lication Atextit{ttack} (Repttack). Our experimental results, in both a simulated cluster environment and a real cluster, show similar trends; a single attack instance can reach up to $50%$ co-location rate (probability of co-location) and with only $5$ instances the co-location rate can reach up to $80%$ in a heterogeneous cloud. Furthermore, we propose and evaluate a mitigation strategy that can help defend against Repttack. We believe that our results highlight the fact that schedulers in multi-user clusters need to be more carefully designed with security in mind, and the process of making scheduling decisions should involve as little user-defined information as possible.

View More Papers

RVPLAYER: Robotic Vehicle Forensics by Replay with What-if Reasoning

Hongjun Choi (Purdue University), Zhiyuan Cheng (Purdue University), Xiangyu Zhang (Purdue University)

Read More

Testability Tarpits: the Impact of Code Patterns on the...

Feras Al Kassar (SAP Security Research), Giulia Clerici (SAP Security Research), Luca Compagna (SAP Security Research), Davide Balzarotti (EURECOM), Fabian Yamaguchi (ShiftLeft Inc)

Read More

FANDEMIC: Firmware Attack Construction and Deployment on Power Management...

Ryan Tsang (University of California, Davis), Doreen Joseph (University of California, Davis), Qiushi Wu (University of California, Davis), Soheil Salehi (University of California, Davis), Nadir Carreon (University of Arizona), Prasant Mohapatra (University of California, Davis), Houman Homayoun (University of California, Davis)

Read More

The Inconvenient Truths of Ground Truth for Binary Analysis

Jim Alves-Foss, Varsha Venugopal (University of Idaho)

Read More