Stealing Cycles from the Cloud

In recent times, cloud computing services, such as Amazon EC2, and Microsoft Azure have become very popular. These services provide customers with virtual machines (VMs) running on the service provider’s hardware, managed by a hypervisor (e.g. Xen, Hyper-V).

We have discovered a flaw in the Xen scheduling algorithm which allows VMs to cheat – to consume almost all CPU resources on a system (as much as 98%) regardless of their fair share. In a cloud computing service, such a flaw presents a theft-of-service vulnerability, potentially at the expense of other VMs sharing the same hardware. We show results demonstrating this vulnerability in the lab as well as on Amazon EC2.

We present fixes to the problem along with experimental results showing the fixes have negligible overhead. We also present algorithms and bounds for the (combinatorial) problem of efficiently detecting VM co-placement.

This is joint work with Peter Desnoyers, Manish Goel, and Fangfei Zhou.

Speaker Details

Ravi Sundaram joined Northeastern University in the fall of 2003. Prior to that he was at Akamai Technologies, where he played a key role in the buildout of the world’s leading content delivery network. He has a Bachelors from IIT(Madras) and a PhD from MIT. His primary research interests lie in networks and algorithms. He has also worked in combinatorics and complexity theory.

Date:
Speakers:
Ravi Sundaram
Affiliation:
Northeastern University

    • Portrait of Jeff Running

      Jeff Running