Protecting Secrets in Cloud Applications using Moving-Target Defense
Type
Master's Thesis
Abstract
Over the last decade, more and more IT systems have been moved from on-premise or co-located servers to cloud infrastructure to take advantage of the reduced cost, complexity and time-to-market that cloud infrastructure brings. However, a shared environment, such as a server shared between different customers, exposes customers to sophisticated side-channel attacks, where a malicious virtual machine can steal information from any of the other virtual machines running on the same host. This thesis proposes a solution to this problem by utilizing moving-target defense, where the customer's virtual machine is moved to different physical machines on a regular basis to prevent any adversary from having enough time to perform long-running side-channel attacks. To solve the connectivity problem, where clients need to connect to this moving virtual machine, a reverse proxy is used that keeps track of the current location of the virtual machine and keeps the connections alive. Benchmarks show that the added latency is insignificant for most applications, and the slight reduction in throughput is unlikely to become a bottleneck.
Subject/keywords
moving-target defense, mtd, security, cybersecurity, cloud, proxy, virtual machine, vm, side-channel attack