Bit of a Close Talker: A Practical Guide to Serverless Cloud Co-Location Attacks
Wei Shao, Najmeh Nazari, Behnam Omidi, Setareh Rafatirad, Khaled N. Khasawneh, Houman Homayoun, Chongzhou Fang

TL;DR
This paper investigates vulnerabilities in serverless cloud schedulers that enable co-location attacks, demonstrating exploitability on real platforms and proposing a mitigation strategy to enhance security.
Contribution
It introduces a methodology to identify exploitable features in serverless schedulers and presents a new mitigation strategy called Double-Dip scheduler.
Findings
Successfully achieved co-location on open-source and Azure functions
Revealed exploitable vulnerabilities in serverless scheduling algorithms
Proposed the Double-Dip scheduler to defend against co-location attacks
Abstract
Serverless computing has revolutionized cloud computing by offering users an efficient, cost-effective way to develop and deploy applications without managing infrastructure details. However, serverless cloud users remain vulnerable to various types of attacks, including micro-architectural side-channel attacks. These attacks typically rely on the physical co-location of victim and attacker instances, and attackers need to exploit cloud schedulers to achieve co-location with victims. Therefore, it is crucial to study vulnerabilities in serverless cloud schedulers and assess the security of different serverless scheduling algorithms. This study addresses the gap in understanding and constructing co-location attacks in serverless clouds. We present a comprehensive methodology to uncover exploitable features in serverless scheduling algorithms and to devise strategies for constructing…
Taxonomy
Topics: Security and Verification in Computing · Software-Defined Networks and 5G · Cloud Computing and Resource Management
