Efficient, adversarial neighbor discovery using logical channels on microsoft azure

Abstract

We introduce an effective technique liat exploits ki ical chann els fia malicious co-location and target identification on Microsoft Azure cloud instances. Specifically, we eniploy two co-location scenarios: tiu'gv ted ce-location with a spec ilic victim or co-location with subsequent identification of victims of interest. We develop a novel, noise-resistant col ocation detection metho(1 through the network channel that provides fast, reliable results with no cooperation front the Victun. Also, our method does not. require acci to t lie victim instance neither as a legitimate user nor a malicious attacker. The efficacy of the proposed technique enables practical QoS degradation attacks which are ea.cy and cheap to unp lement yet hard to discover. The slightest performance clegradnnt.ioii in web interfaces or time critical applications cati result. iii significant financial losses. To this end, we show that once ce-located, a nialicious instance can use memory bus locking to render t.he victim server unusable to the cust omers. This work underlines the need for cloud service providers to apply stronger isolation techniques.