Modern cloud environments allow users to consume computationaland storage resources in the form of virtual machines. Eventhough machines running on the same cloud server are logically isolatedfrom each other, a malicious customer can create various side channelsto obtain sensitive information from co-located machines. In this study,we concentrate on timely detection of intentional co-residence attemptsin cloud environments that utilize software-defined networking. SDN enablesglobal visibility of the network state which allows the cloud providerto monitor and extract necessary information from each flow in everyvirtual network in online mode. We analyze the extracted statistics ondifferent levels in order to find anomalous patterns. The detection resultsobtained show us that the co-residence verification attack can bedetected with the methods that are usually employed for botnet analysis.
展开▼
