The vAMP Attack: Taking control of cloud systems via the unified packet parser

Kashyap Thimmaraju; Bhargava Shastry; Tobias Fiebig; Felicitas Hetzelt; Jean Pierre Seifert; Anja Feldmann; Stefan Schmid

doi:10.1145/3140649.3140651

The vAMP Attack: Taking control of cloud systems via the unified packet parser

Kashyap Thimmaraju, Bhargava Shastry, Tobias Fiebig, Felicitas Hetzelt, Jean Pierre Seifert, Anja Feldmann, Stefan Schmid

Publikation: Bidrag til bog/antologi/rapport/konference proceeding › Konferenceartikel i proceeding › Forskning › peer review

6 Citationer (Scopus)

Abstract

Virtual switches are a crucial component of cloud operating systems that interconnect virtual machines in a flexible manner. They implement complex network protocol parsing in the unified packet parser-parsing all supported packet header fields in a single pass- and are commonly co-located with the virtualization layer. We find that this significantly reduces the barrier for low-budget attackers to launch high impact attacks in the cloud. This leads us to introduce the virtual switch attacker model for packet-parsing, in short the vAMP attack. Using OpenStack, a cloud operating system, and Open vSwitch, a virtual switch, we demonstrate how current virtual switch designs cannot withstand vAMP. Thereby giving a weak attacker full control of the cloud in a matter of minutes.

Originalsprog	Engelsk
Titel	CCSW 2017 - Proceedings of the 2017 Cloud Computing Security Workshop, co-located with CCS 2017
Antal sider	5
Forlag	Association for Computing Machinery
Publikationsdato	3 nov. 2017
Sider	11-15
ISBN (Trykt)	978-1-4503-5204-8
ISBN (Elektronisk)	9781450353939
DOI	https://doi.org/10.1145/3140649.3140651
Status	Udgivet - 3 nov. 2017
Begivenhed	8th ACM Cloud Computing Security Workshop, CCSW 2017 - Dallas, USA Varighed: 3 nov. 2017 → …

Konference

Konference	8th ACM Cloud Computing Security Workshop, CCSW 2017
Land/Område	USA
By	Dallas
Periode	03/11/2017 → …
Sponsor	ACM SIGSAC

Adgang til dokumentet

10.1145/3140649.3140651

AUB Link

Søg efter materialet i Aalborg Universitetsbiblioteks søgemaskine

Andre filer og links

http://www.scopus.com/inward/record.url?scp=85037037507&partnerID=8YFLogxK

Citationsformater

Thimmaraju, K., Shastry, B., Fiebig, T., Hetzelt, F., Seifert, J. P., Feldmann, A., & Schmid, S. (2017). The vAMP Attack: Taking control of cloud systems via the unified packet parser. I CCSW 2017 - Proceedings of the 2017 Cloud Computing Security Workshop, co-located with CCS 2017 (s. 11-15). Association for Computing Machinery. https://doi.org/10.1145/3140649.3140651

@inproceedings{a4d3296268bc433d9d412e505b00585b,

title = "The vAMP Attack: Taking control of cloud systems via the unified packet parser",

abstract = "Virtual switches are a crucial component of cloud operating systems that interconnect virtual machines in a flexible manner. They implement complex network protocol parsing in the unified packet parser-parsing all supported packet header fields in a single pass- and are commonly co-located with the virtualization layer. We find that this significantly reduces the barrier for low-budget attackers to launch high impact attacks in the cloud. This leads us to introduce the virtual switch attacker model for packet-parsing, in short the vAMP attack. Using OpenStack, a cloud operating system, and Open vSwitch, a virtual switch, we demonstrate how current virtual switch designs cannot withstand vAMP. Thereby giving a weak attacker full control of the cloud in a matter of minutes.",

keywords = "Attacker Models, Cloud Security, Data Plane Security, MPLS, Network Isolation, Network Virtualization, NFV, Open vSwitch, OpenStack, Packet Parsing, ROP, SDN, Virtual Switches",

author = "Kashyap Thimmaraju and Bhargava Shastry and Tobias Fiebig and Felicitas Hetzelt and Seifert, {Jean Pierre} and Anja Feldmann and Stefan Schmid",

year = "2017",

month = nov,

day = "3",

doi = "10.1145/3140649.3140651",

language = "English",

isbn = "978-1-4503-5204-8",

pages = "11--15",

booktitle = "CCSW 2017 - Proceedings of the 2017 Cloud Computing Security Workshop, co-located with CCS 2017",

publisher = "Association for Computing Machinery",

address = "United States",

note = "8th ACM Cloud Computing Security Workshop, CCSW 2017 ; Conference date: 03-11-2017",

}

Thimmaraju, K, Shastry, B, Fiebig, T, Hetzelt, F, Seifert, JP, Feldmann, A & Schmid, S 2017, The vAMP Attack: Taking control of cloud systems via the unified packet parser. i CCSW 2017 - Proceedings of the 2017 Cloud Computing Security Workshop, co-located with CCS 2017. Association for Computing Machinery, s. 11-15, 8th ACM Cloud Computing Security Workshop, CCSW 2017, Dallas, USA, 03/11/2017. https://doi.org/10.1145/3140649.3140651

The vAMP Attack: Taking control of cloud systems via the unified packet parser. / Thimmaraju, Kashyap; Shastry, Bhargava; Fiebig, Tobias et al.
CCSW 2017 - Proceedings of the 2017 Cloud Computing Security Workshop, co-located with CCS 2017. Association for Computing Machinery, 2017. s. 11-15.

Publikation: Bidrag til bog/antologi/rapport/konference proceeding › Konferenceartikel i proceeding › Forskning › peer review

TY - GEN

T1 - The vAMP Attack

T2 - 8th ACM Cloud Computing Security Workshop, CCSW 2017

AU - Thimmaraju, Kashyap

AU - Shastry, Bhargava

AU - Fiebig, Tobias

AU - Hetzelt, Felicitas

AU - Seifert, Jean Pierre

AU - Feldmann, Anja

AU - Schmid, Stefan

PY - 2017/11/3

Y1 - 2017/11/3

N2 - Virtual switches are a crucial component of cloud operating systems that interconnect virtual machines in a flexible manner. They implement complex network protocol parsing in the unified packet parser-parsing all supported packet header fields in a single pass- and are commonly co-located with the virtualization layer. We find that this significantly reduces the barrier for low-budget attackers to launch high impact attacks in the cloud. This leads us to introduce the virtual switch attacker model for packet-parsing, in short the vAMP attack. Using OpenStack, a cloud operating system, and Open vSwitch, a virtual switch, we demonstrate how current virtual switch designs cannot withstand vAMP. Thereby giving a weak attacker full control of the cloud in a matter of minutes.

AB - Virtual switches are a crucial component of cloud operating systems that interconnect virtual machines in a flexible manner. They implement complex network protocol parsing in the unified packet parser-parsing all supported packet header fields in a single pass- and are commonly co-located with the virtualization layer. We find that this significantly reduces the barrier for low-budget attackers to launch high impact attacks in the cloud. This leads us to introduce the virtual switch attacker model for packet-parsing, in short the vAMP attack. Using OpenStack, a cloud operating system, and Open vSwitch, a virtual switch, we demonstrate how current virtual switch designs cannot withstand vAMP. Thereby giving a weak attacker full control of the cloud in a matter of minutes.

KW - Attacker Models

KW - Cloud Security

KW - Data Plane Security

KW - MPLS

KW - Network Isolation

KW - Network Virtualization

KW - NFV

KW - Open vSwitch

KW - OpenStack

KW - Packet Parsing

KW - ROP

KW - SDN

KW - Virtual Switches

UR - http://www.scopus.com/inward/record.url?scp=85037037507&partnerID=8YFLogxK

U2 - 10.1145/3140649.3140651

DO - 10.1145/3140649.3140651

M3 - Article in proceeding

AN - SCOPUS:85037037507

SN - 978-1-4503-5204-8

SP - 11

EP - 15

BT - CCSW 2017 - Proceedings of the 2017 Cloud Computing Security Workshop, co-located with CCS 2017

PB - Association for Computing Machinery

Y2 - 3 November 2017

ER -

The vAMP Attack: Taking control of cloud systems via the unified packet parser

Abstract

Konference

Adgang til dokumentet

AUB Link

Andre filer og links

Fingeraftryk

Citationsformater