CDT to detect co-residence in cloud computing

Abstract

Virtualization has been wide used for serving the ever growing computing demand, allowing cloud providers to instantiate multiple virtual machines (VMs) on a single set of physical resources. Customers use this shared resources without warned about the possibility of extracting or manipulating their sensitive data by an attacker who can co-resident his malicious VM with the target one. This paper presents the Co-residence Detection Technique (CDT), a method to analyze how attackers can co-resident with a target VM. Our method consists of three parts: (a) cartography cloud (b) co-residence test and (c) request for migration. We used Amazon EC2, GCE and Microsoft Azure as a case study to demonstrate that is possible to scan the local network and confirm co-residency with a target VM instance by using the network commands.