Leveraging KVM Events to Detect Cache-Based Side Channel Attacks in a Virtualization Environment

<div>(a) Dataset distribution using the <svg height="9.49473pt" id="M82" style="vertical-align:-0.2063999pt" version="1.1" viewbox="-0.0498162 -9.28833 6.66314 9.49473" width="6.66314pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M480 416C480 431 465 448 438 448C388 448 312 383 252 330C217 299 188 273 155 237H153L257 680C262 700 263 712 253 712C240 712 183 684 97 674L92 648L126 647C166 646 172 645 163 606L23 -6L29 -12C51 -5 77 2 107 8C115 62 130 128 142 180C153 193 179 220 204 241C231 170 259 106 288 54C317 0 336 -12 358 -12C381 -12 423 2 477 80L460 100C434 74 408 54 398 54C385 54 374 65 351 107C326 154 282 241 263 299C296 332 351 377 403 377C424 377 436 372 445 368C449 366 456 368 462 375C472 386 480 402 480 416Z" id="g113-108"></path></g></svg>-fold cross-validation technique to find an AUC value from a pair of CSCa and non-CSCa datasets for the SVM classification. (b) An example of a 5-fold cross-validation ROC graph.</div>

Security and Communication Networks

fig3

Figure 3

Figure 3: Leveraging KVM Events to Detect Cache-Based Side Channel Attacks in a Virtualization Environment 