On the feasibility of side-channel attacks in a virtualized environment

The isolation among physically co-located virtual machines is an important prerequisite for ensuring the security in a virtualized environment (VE). The VE should prevent from exploitation of sidechannels stemming from the usage of shared resources, being hardware or software. However, despite the presumed secure logical isolation, a possible information leakage beyond the boundaries of a virtual machine due to side-channel exploits is a key concern in the VE. Such exploits have been demonstrated in the academic world during the last years. This paper takes into consideration the side-channel attacks threat, and points out that the feasibility of a SCA strongly depends on the specific context of the execution environment. The paper proposes a framework for feasibility assessment of SCAs using cache-based exploits as an example scenario. Furthermore, we provide a proof of concept to show how the feasibility of cache-based SCAs can be assessed using the proposed approach. © Springer International Publishing Switzerland 2015.