COTSknight: Practical Defense against Cache Timing Channel Attacks using Cache Monitoring and Partitioning Technologies

2019 IEEE International Symposium on Hardware Oriented Security and Trust (HOST) Pub Date : 2019-05-01 DOI:10.1109/HST.2019.8740835

Fan Yao, Hongyu Fang, M. Doroslovački, Guru Venkataramani

{"title":"COTSknight: Practical Defense against Cache Timing Channel Attacks using Cache Monitoring and Partitioning Technologies","authors":"Fan Yao, Hongyu Fang, M. Doroslovački, Guru Venkataramani","doi":"10.1109/HST.2019.8740835","DOIUrl":null,"url":null,"abstract":"Recent studies have shown how adversaries can exploit hardware cache structures to launch information leakage-based attacks. Among these attacks, timing channels are especially worrisome since adversaries communicate simply by modulating the timing of shared resource accesses, and do not leave any physical trace of the communication. Therefore, guarding the system against such attacks is critical. Unfortunately, most existing mitigation mechanisms either require non-trivial hardware modifications and/or incur high runtime overheads.In this paper, we propose COTSknight, a new framework that guards the system against several classes of cache timing channel attacks by making novel use of Commercial Off-The-Shelf (COTS) architectural support for cache resource monitoring and prioritization. We find that the adversary’s attempt to modulate cache access latency during attacks can be captured using cache occupancy patterns. COTSknight leverages efficient signal processing techniques on cache occupancy patterns to determine the potential for timing channel attacks. Once suspicious domains are identified, COTSknight disbands timing channels using dynamic cache partitioning schemes in hardware. We implement a prototype of our COTSknight framework on an Intel Xeon v4 server and evaluate its efficacy extensively using different spatial encoding schemes, as well as serial and parallel implementations of Last Level Cache (LLC) timing channels. Our results show that COTSknight can successfully thwart several classes of timing channel attacks by allocating disjoint LLC ways to malicious processes. Even in benign cache-intensive workloads, we observe a 6% cache partition trigger rate that results in a relatively small 5% worst-case performance degradation. Interestingly, for some benign applications, upon COTSknight’s cache partition, we observe an improved performance by up to 9.2% through eliminating cache interference.","PeriodicalId":146928,"journal":{"name":"2019 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)","volume":"40 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"14","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/HST.2019.8740835","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 14

Abstract

Recent studies have shown how adversaries can exploit hardware cache structures to launch information leakage-based attacks. Among these attacks, timing channels are especially worrisome since adversaries communicate simply by modulating the timing of shared resource accesses, and do not leave any physical trace of the communication. Therefore, guarding the system against such attacks is critical. Unfortunately, most existing mitigation mechanisms either require non-trivial hardware modifications and/or incur high runtime overheads.In this paper, we propose COTSknight, a new framework that guards the system against several classes of cache timing channel attacks by making novel use of Commercial Off-The-Shelf (COTS) architectural support for cache resource monitoring and prioritization. We find that the adversary’s attempt to modulate cache access latency during attacks can be captured using cache occupancy patterns. COTSknight leverages efficient signal processing techniques on cache occupancy patterns to determine the potential for timing channel attacks. Once suspicious domains are identified, COTSknight disbands timing channels using dynamic cache partitioning schemes in hardware. We implement a prototype of our COTSknight framework on an Intel Xeon v4 server and evaluate its efficacy extensively using different spatial encoding schemes, as well as serial and parallel implementations of Last Level Cache (LLC) timing channels. Our results show that COTSknight can successfully thwart several classes of timing channel attacks by allocating disjoint LLC ways to malicious processes. Even in benign cache-intensive workloads, we observe a 6% cache partition trigger rate that results in a relatively small 5% worst-case performance degradation. Interestingly, for some benign applications, upon COTSknight’s cache partition, we observe an improved performance by up to 9.2% through eliminating cache interference.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

使用缓存监控和分区技术对缓存定时通道攻击的实用防御

最近的研究显示了攻击者如何利用硬件缓存结构来发起基于信息泄漏的攻击。在这些攻击中，定时通道尤其令人担忧，因为攻击者仅仅通过调制共享资源访问的定时进行通信，并且不留下任何通信的物理痕迹。因此，保护系统免受此类攻击至关重要。不幸的是，大多数现有的缓解机制要么需要非常重要的硬件修改，要么会产生很高的运行时开销。在本文中，我们提出了COTSknight，这是一个新的框架，通过新颖地使用商用现货(COTS)架构支持缓存资源监控和优先级，保护系统免受几种缓存时间通道攻击。我们发现对手在攻击期间调制缓存访问延迟的尝试可以使用缓存占用模式捕获。COTSknight利用缓存占用模式上的有效信号处理技术来确定定时通道攻击的可能性。一旦识别出可疑的域，COTSknight就会使用硬件中的动态缓存分区方案来分解定时通道。我们在Intel Xeon v4服务器上实现了COTSknight框架的原型，并使用不同的空间编码方案以及Last Level Cache (LLC)时序通道的串行和并行实现来广泛评估其有效性。我们的结果表明，COTSknight可以通过向恶意进程分配不连接的LLC方式来成功地阻止几种时间通道攻击。即使在良性的缓存密集型工作负载中，我们也观察到6%的缓存分区触发率会导致相对较小的最坏情况下5%的性能下降。有趣的是，对于一些良性应用程序，在COTSknight的缓存分区上，我们观察到通过消除缓存干扰，性能提高了9.2%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2019 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)

自引率

0.00%

发文量