exploiting memory remnant vulnerabilities to do cross-tenant data extraction in cloud systems

Open Access
Keating, Daniel Steven
Graduate Program:
Computer Science
Master of Science
Document Type:
Master Thesis
Date of Defense:
July 19, 2012
Committee Members:
  • Peng Liu, Thesis Advisor
  • Cloud computing
  • security
One of the recent innovations in providing third-party support for processing needs is cloud computing. These clouds provide scalable hardware and software resources on demand in exchange for a fee. However, this reliance on third party hardware and software does come with increased security challenges. The vulnerability we chose to analyze was whether the shared physical resources would allow memory remnants to be passed between virtual machine tenants. We analyzed two possible ways for these memory remnants to be transferred to an attacker, through a virtual machine closing and through one losing memory because the hypervisor ordered it to shrink. We examined whether memory would be leaked and how often we could discover memory remnants with different sized tenants. In both cases, we discovered that tenants on a shared physical machine were able to discover valuable data about programs that had closed recently. With this data, an attacker could easily determine what other users on the cloud were doing. Based on our discovery, we determined that in both cases, there was significant risk of memory being leaked cross-tenant when using a hypervisor. We also analyzed different defenses to remove the possibility of remnants, and came up with a proposed defense to ensure that the problem wouldn’t persist.