Memory DoS Attacks in Multi-tenant Clouds: Severity and Mitigation

Memory DoS attacks are Denial of Service (or Degradation of Service) attacks caused by contention for hardware memory resources. In cloud computing, these availability breaches are serious security threats that occur despite the strong memory isolation techniques for Virtual Machines (VMs), enforced by the software virtualization layer. The underlying hardware memory layers are still shared by the VMs and can be exploited by a clever attacker in a hostile VM co-located on the same server as the victim VM. While memory contention has been studied in past work, the severity of contention on different levels of the memory hierarchy has not been systematically studied, as we do in this paper. We identify design vulnerabilities and show how memory DoS attacks can be constructed. We also show how a malicious cloud customer can mount low-cost attacks, using just a few co-located hostile VMs to cause severe performance degradation for a distributed application, Hadoop, consisting of multiple victim VMs, and 38× delay in response time for an E-commerce website. We show a new defense system for these memory DoS attacks, using a statistical metric based on performance counter measurements. We implement a full prototype of this defense architecture on the OpenStack cloud system.