Side-Channel Attacks on Open vSwitch

• URL: http://arxiv.org/abs/2601.15632v1
• Date: Thu, 22 Jan 2026 04:12:03 GMT
• Title: Side-Channel Attacks on Open vSwitch
• Authors: Daewoo Kim, Sihang Liu,
• Abstract summary: The Open vSwitch (OVS) is one of the most popular software-based virtual switches.<n>We present three remote attacks via OVS, breaking the confidentiality in covert environments.
• Score: 1.1352077875520463
• License: http://creativecommons.org/licenses/by-nc-sa/4.0/
• Abstract: Virtualization is widely adopted in cloud systems to manage resource sharing among users. A virtualized environment usually deploys a virtual switch within the host system to enable virtual machines to communicate with each other and with the physical network. The Open vSwitch (OVS) is one of the most popular software-based virtual switches. It maintains a cache hierarchy to accelerate packet forwarding from the host to virtual machines. We characterize the caching system inside OVS from a security perspective and identify three attack primitives. Based on the attack primitives, we present three remote attacks via OVS, breaking the isolation in virtualized environments. First, we identify remote covert channels using different caches. Second, we present a novel header recovery attack that leaks a remote user's packet header fields, breaking the confidentiality guarantees from the system. Third, we demonstrate a remote packet rate monitoring attack that recovers the packet rate of a remote victim. To defend against these attacks, we also discuss and evaluate mitigation solutions.

Related papers

• RedVisor: Reasoning-Aware Prompt Injection Defense via Zero-Copy KV Cache Reuse [47.85771791033142]
  We propose RedVisor, a framework that synthesizes the explainability of detection systems with the seamless integration of prevention strategies.<n>RedVisor is the first approach to leverage fine-grained reasoning paths to simultaneously detect attacks and guide the model's safe response.<n> Experiments demonstrate that RedVisor outperforms state-of-the-art defenses in detection accuracy and throughput while incurring negligible utility loss.
  arXiv  Detail & Related papers  (2026-02-02T08:26:51Z)
• NecoFuzz: Effective Fuzzing of Nested Virtualization via Fuzz-Harness Virtual Machines [0.7646713951724009]
  We present NecoFuzz, the first fuzzing framework that systematically targets nested virtualization-specific logic.<n>We implement NecoFuzz on Intel VT-x and AMD-V by extending AFL++ to support fuzz-harness.
  arXiv  Detail & Related papers  (2025-12-09T17:50:32Z)
• Breaking Isolation: A New Perspective on Hypervisor Exploitation via Cross-Domain Attacks [36.844941042404315]
  Cross-Domain Attacks are a class of exploitation techniques that enable capability escalation through guest memory reuse.<n>We develop a system that identifies cross-domain gadgets, matches them with corrupted pointers, synthesizes triggering inputs, and assembles complete exploit chains.
  arXiv  Detail & Related papers  (2025-12-03T20:55:26Z)
• Cuckoo Attack: Stealthy and Persistent Attacks Against AI-IDE [64.47951172662745]
  Cuckoo Attack is a novel attack that achieves stealthy and persistent command execution by embedding malicious payloads into configuration files.<n>We formalize our attack paradigm into two stages, including initial infection and persistence.<n>We contribute seven actionable checkpoints for vendors to evaluate their product security.
  arXiv  Detail & Related papers  (2025-09-19T04:10:52Z)
• Poison Once, Control Anywhere: Clean-Text Visual Backdoors in VLM-based Mobile Agents [54.35629963816521]
  This work introduces VIBMA, the first clean-text backdoor attack targeting VLM-based mobile agents.<n>The attack injects malicious behaviors into the model by modifying only the visual input.<n>We show that our attack achieves high success rates while preserving clean-task behavior.
  arXiv  Detail & Related papers  (2025-06-16T08:09:32Z)
• MeMoir: A Software-Driven Covert Channel based on Memory Usage [7.424928818440549]
  MeMoir is a novel software-driven covert channel that, for the first time, utilizes memory usage as the medium for the channel. We implement a machine learning-based detector that can predict whether an attack is present in the system with an accuracy of more than 95%. We introduce a noise-based countermeasure that effectively mitigates the attack while inducing a low power overhead in the system.
  arXiv  Detail & Related papers  (2024-09-20T08:10:36Z)
• Dynamic Frequency-Based Fingerprinting Attacks against Modern Sandbox Environments [7.753621963239778]
  We investigate the possibility of fingerprinting containers through CPU frequency reporting sensors in Intel and AMD CPUs. We demonstrate that Docker images exhibit a unique frequency signature, enabling the distinction of different containers with up to 84.5% accuracy. Our empirical results show that these attacks can also be carried out successfully against all of these sandboxes in less than 40 seconds.
  arXiv  Detail & Related papers  (2024-04-16T16:45:47Z)
• Microarchitectural Security of AWS Firecracker VMM for Serverless Cloud Platforms [9.345368209757495]
  Firecracker is a virtual machine manager built by Amazon Web Services (AWS) for serverless cloud platforms. We show that AWS overstates the security inherent to the Firecracker VMM and provides incomplete guidance for properly securing cloud systems that use Firecracker.
  arXiv  Detail & Related papers  (2023-11-27T16:46:03Z)
• Can Adversarial Examples Be Parsed to Reveal Victim Model Information? [62.814751479749695]
  In this work, we ask whether it is possible to infer data-agnostic victim model (VM) information from data-specific adversarial instances. We collect a dataset of adversarial attacks across 7 attack types generated from 135 victim models. We show that a simple, supervised model parsing network (MPN) is able to infer VM attributes from unseen adversarial attacks.
  arXiv  Detail & Related papers  (2023-03-13T21:21:49Z)
• Channel-wise Gated Res2Net: Towards Robust Detection of Synthetic Speech Attacks [67.7648985513978]
  Existing approaches for anti-spoofing in automatic speaker verification (ASV) still lack generalizability to unseen attacks. We present a novel, channel-wise gated Res2Net (CG-Res2Net), which modifies Res2Net to enable a channel-wise gating mechanism.
  arXiv  Detail & Related papers  (2021-07-19T12:27:40Z)
• Adversarial EXEmples: A Survey and Experimental Evaluation of Practical Attacks on Machine Learning for Windows Malware Detection [67.53296659361598]
  adversarial EXEmples can bypass machine learning-based detection by perturbing relatively few input bytes. We develop a unifying framework that does not only encompass and generalize previous attacks against machine-learning models, but also includes three novel attacks. These attacks, named Full DOS, Extend and Shift, inject the adversarial payload by respectively manipulating the DOS header, extending it, and shifting the content of the first section.
  arXiv  Detail & Related papers  (2020-08-17T07:16:57Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.