An Efficient Approach for Mitigating Covert Storage Channel Attacks in Virtual Machines by the Anti-Detection Criterion

Covert channels have been an effective means for leaking confidential information across security domains and numerous studies are available on typical covert channels attacks and defenses. Existing covert channel threat restriction solutions are based on the threat estimation criteria of covert channels such as capacity, accuracy, and short messages which are effective in evaluating the information transmission ability of a covert (storage) channel. However, these criteria cannot comprehensively reflect the key factors in the communication process such as shared resources and synchronization and therefore are unable to evaluate covertness and complexity of increasingly upgraded covert storage channels. As a solution, the anti-detection criterion was introduced to eliminate these limitations of cover channels. Though effective, most threat restriction techniques inevitably incur high performance overhead and hence become impractical. In this work, we avoid such overheads and present a restriction algorithm based on the anti-detection criterion to restrict threats that are associated with covert storage channels in virtual machines while maintaining the resource efficiency of the systems. Experimental evaluation shows that our proposed solution is able to counter covert storage channel attacks in an effective manner. Compared with Pump, a well-known traditional restriction algorithm used in practical systems, our solution significantly reduces the system overhead.