Aastha Mehta

Max Planck Institute for Software Systems

Position: PhD Student
Rising Stars year of participation: 2018
Bio

Aastha Ketan Mehta is a final-year PhD student at the Max Planck Institute for Software Systems (MPI-SWS) in Germany, advised by Peter Druschel and Deepak Garg. Her research interests include operating systems, networking, and security, and she is interested in solving security problems from a systems perspective. She received a bachelor's degree in computer science from Birla Institute of Technology and Science (BITS) in India in 2011. She spent a year as a technical staffer at NetApp Inc. in Bangalore, where she worked on the file system consistency checker tool for the WAFL file system. She interned at Microsoft Research Cambridge in the U.K. in 2015, where she worked on an SGX-enabled secure multiparty computation protocol and on side channels in SGX. She was one of the 200 young researchers selected to attend the Fourth Heidelberg Laureate Forum.

Pacer: Efficient I/O Side-Channel Mitigation in the Cloud

An important concern for cloud customers is the confidentiality of their cloud-hosted data and computation. Of particular concern are leaks through side channels that arise from the sharing of cloud resources among distrusting tenants. For instance, by passively observing contention at a shared network link, one can infer the timing and size of a tenant's network packets, which in turn can reveal the tenant's secrets. To mitigate such network side channels, we are building Pacer, a system that shapes a tenant's network traffic such that any publicly observable aspect of the traffic (e.g., packet sizes, timing) is independent of the tenant's secrets. To make traffic shaping efficient, Pacer can dynamically adapt the shape of the tenant's traffic as long as the adaptation is based only on public information in the tenant's requests. For instance, Pacer can allow the shape of HTML traffic to differ from that of video traffic if the type of the traffic requested (i.e., HTML or video) is public information. Pacer's design addresses several challenges in building a secure, efficient, and practical traffic shaping system. Pacer relies on dynamic profiling of tenant applications to determine public-input-dependent traffic shapes, which reduces end-user latency and bandwidth wastage during shaping. It relies on a small isolated component in the hypervisor to transmit packets at the precise times specified in a tenant's transmission schedule. If the tenant fails to provide packets that the schedule expects, Pacer transmits dummy packets, which are indistinguishable from real ones to a passive observer. Finally, Pacer's shaping is designed to be TCP-friendly and not to cause a congestive collapse of the network. Preliminary experiments show that Pacer can protect private aspects of the tenants' traffic while incurring moderate overheads.
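As an added illustration (constructed for this page, not Pacer's own code), the following toy model shows the shaping discipline described above: a fixed per-public-type schedule dictates when and how large each packet is, real payload is padded into those slots, missing payload is replaced by dummies, and the observable trace therefore depends only on the public request type. The schedules, slot sizes and application chunk timings are made-up values.

```python
from dataclasses import dataclass
from typing import List, Tuple

@dataclass(frozen=True)
class Slot:
    t_ms: int   # transmission instant fixed by the schedule
    size: int   # on-wire payload bytes at that instant (padded if needed)

# Constructed schedules keyed by a public request attribute (content type).
# Illustrative values, not Pacer's real profiles.
SCHEDULES = {
    "html":  [Slot(t, 1400) for t in range(0, 50, 10)],   # 5 packets over 50 ms
    "video": [Slot(t, 1400) for t in range(0, 200, 5)],   # 40 packets over 200 ms
}

def shape(schedule: List[Slot], app_chunks: List[Tuple[int, int]]):
    """Shape a tenant's response onto a fixed schedule.

    app_chunks: (ready_ms, nbytes) pieces handed over by the application;
    their timing and size may depend on secrets. Returns (trace, real, leftover):
      trace    - observable (t_ms, size) sequence; depends only on the schedule
      real     - genuine payload bytes per slot (hypervisor-private; 0 = dummy)
      leftover - bytes still queued when the schedule ended (capacity shortfall,
                 which Pacer's profiling step is meant to avoid)
    """
    chunks = sorted(app_chunks)
    pending, i = 0, 0
    trace, real = [], []
    for slot in schedule:
        # Only data the application has produced by slot.t_ms can be sent now.
        while i < len(chunks) and chunks[i][0] <= slot.t_ms:
            pending += chunks[i][1]
            i += 1
        sent = min(pending, slot.size)
        pending -= sent
        real.append(sent)                       # 0 means a dummy packet
        trace.append((slot.t_ms, slot.size))    # dummy or padded: same on the wire
    leftover = pending + sum(n for _, n in chunks[i:])
    return trace, real, leftover

def observably_identical(kind: str, secret_a, secret_b) -> bool:
    """Two responses of the same public type must yield the same wire trace."""
    return shape(SCHEDULES[kind], secret_a)[0] == shape(SCHEDULES[kind], secret_b)[0]
```

Running `observably_identical("html", [(0, 500)], [(5, 1400), (25, 1400), (35, 900)])` shows a short and a long HTML response producing the same trace, while the `html` and `video` schedules legitimately differ because the type is public.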