Given the rise in popularity of cloud computing and platform-as-a-service, vulnerabilities, inherent to systems which share hardware resources, will become increasingly attractive targets to malicious software authors.
In this paper, we introduce a novel side channel across virtual machines through the detection of out-of-order execution. We create a simple duplex channel as well as a broadcast channel. We discuss possible adversaries for this channel and propose further work to make this channel more secure, efficient and applicable in realistic scenarios. In addition, we consider seven possible malicious applications of this channel: theft of encryption keys, program identification, environmental keying, malicious triggers, denial of service attacks, determining VM co-location, malicious data injection, and side channels.
