LiD-CAT: A Lightweight Detector for Cache ATtacks

Reinbrecht, Cezar; Hamdioui, Said; Taouil, Mottaqiallah; Niazmand, Behrad; Ghasempouri, Tara; Raik, Jaan; Sepúlveda, Johanna

doi:10.1109/ets48528.2020.9131603

Cited by 8 publications

(4 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, some less flexible propositions-such as the monitoring of a small amount of selected microarchitectural signals directly in hardware-have been proposed to enforce the security of a specific hardware component. For instance, LiD-CAT [29] monitors cacherelated signals and performs detection with a state machine constructed based on a formal description of cache information leakage attacks.…”

Section: Hardware Signal Probingmentioning

confidence: 99%

“…A comparison of MATANA with previously presented solutions can be found in Table 1. [15] CTCs detection no event limited no PMUe [16] no ROP detection event no no Wahab et al [19] no DIFT instruction high no Lee et al [20] no ROP detection instruction high no Raksha [21] no DIFT instruction + tag limited no FlexCore [22] no DIFT instruction high no Harmoni [23] no DIFT instruction + tag limited no LBA [24] no DIFT instruction no no PHMon [25] no DIFT instruction limited no REHAD [26] CSCAs detection no instruction high no LiD-CAT [29] CSCAs detection no cache internal no no MATANA unspecific unspecific any high yes…”

Section: Hardware Signal Probingmentioning

confidence: 99%

See 1 more Smart Citation

MATANA: A Reconfigurable Framework for Runtime Attack Detection Based on the Analysis of Microarchitectural Signals

2022

View full text Add to dashboard Cite

Microarchitectural attacks exploit target hardware properties to break software isolation techniques used by the processor. These attacks are extremely powerful and hard to detect since the determination of the program execution’s impact on the microarchitecture is at the same time not precisely understood and not easily observable at the software layer. Some approaches have attempted to benefit from existing hardware to better understand and detect the microarchitectural attacks (i.e., Hardware Performance Counters or Arm CoreSight), but such hardware was not meant to be used for cybersecurity, with reduced choice on observable signals and limited throughput of information. In this paper, we propose MATANA, an open and adaptive reconfigurable hardware/software co-designed framework. Combining fine-grained analysis of microarchitectural signals and software support, MATANA allows to design and assess detection mechanisms for attacks by characterizing their microarchitectural effects—in particular, microarchitectural attacks, but also some high-level attacks such as return-oriented programming attacks. The paper also describes a prototype implementation, built with a RISC-V softcore processor Rocket running Linux 4.15 on a Virtex-6 FPGA. We successfully used MATANA to analyze cache side-channel attacks and build attack detection logic from two different perspectives: instruction-based and memory-access-based. We also successfully detected return-oriented programming attacks by exhibiting a specific behavioral pattern on the microarchitecture.

show abstract

Section: Hardware Signal Probingmentioning

confidence: 99%

Section: Hardware Signal Probingmentioning

confidence: 99%

MATANA: A Reconfigurable Framework for Runtime Attack Detection Based on the Analysis of Microarchitectural Signals

2022

View full text Add to dashboard Cite

show abstract

“…To combat these emerging threats, researchers have proposed secure cache schemes [5] [6], trusted execution environments [7] [8], and Hardware Performance Counter (HPC)-based microarchitectural detectors to identify malicious cache access patterns [9] [10] [11] or patterns associated with the critical path to exploit a microarchitectural side channel [12]. Secure cache architectures and trusted execution environments provide fundamental long-term solutions to protect systems against microarchitectural threats.…”

Section: Introductionmentioning

confidence: 99%

MADFAM: MicroArchitectural Data Framework and Methodology

et al. 2022

View full text Add to dashboard Cite

In the aftermath of Spectre and Meltdown researchers have proposed a variety of attack detection solutions by applying machine learning to data collected from hardware performance monitoring units. Although many microarchitectural attack detection systems provide high-accuracy detection results, the behavior of the underlying data collection mechanisms is not well described or understood. This research introduces the MicroArchitectural Data Framework And Methodology (MADFAM) to prescribe a systematic approach to collecting and preserving the information available in sequences of microarchitectural data. The proposed framework focuses on hardware performance counters (HPCs) as the primary data source. HPC configuration is complex, which makes it difficult for others to reproduce results or advance the stateof-the-art. This framework includes a description of design decisions that HPC research must consider across an array of problem domains, including information security. MADFAM proposes a data collection architecture and evaluation criteria to improve the discussion about the experimental settings and design decisions used in HPC research. The proposed framework evaluation criteria are then used to establish a baseline characterization of time series data that future research can use to compare alternative framework implementations.

show abstract

“…The industry further advanced this concept by creating secure zones, also known as Trust Execution Environments (TEE), which isolate the sensitive tasks completely; examples are Arm Trust Zone [9], Intel SGX [10], and Sanctum (RISC-V distribution) enclave [11]. Recently, the authors in [12] and [13] have used machine learning techniques trained with high-performance counters to detect a specific set of cache access attacks, while the authors in [14] used attack models to build a lightweight hardware detector. With respect to MPSoC communication, only hardware solutions have been presented.…”

Section: Introductionmentioning

confidence: 99%

Guard-NoC: A Protection Against Side-Channel Attacks for MPSoCs

Reinbrecht

Aljuffri

Hamdioui

et al. 2020

2020 IEEE Computer Society Annual Symposium on VLSI (ISVLSI)

Self Cite

View full text Add to dashboard Cite

Multi-Processor System-on-Chips (MPSoCs) are popular computational platforms for a wide variety of applications due to their energy efficiency and flexibility. Like many other platforms they are vulnerable to Side Channel Attacks (SCAs). In particular, Logical SCAs (LSCAs) are very powerful as sensitive information can be retrieved by simply observing system properties that depend on the victim's software execution on the MPSoC. Unfortunately, many of the current protection mechanisms are either platform dependent or are effective only against a reduced set of attacks. In this work, we present Guard-NoC, a secure Network-on-Chip (NoC) architecture able to protect MPSoCs against a wide variety of LSCAs. The secure NoC employs three application-independent strategies to hide and isolate sensitive information: i) blinding the execution time of operations; ii) masking the execution time of operations; and iii) dual communication strategy (i.e., use packet and circuit switching simultaneously). Our results show that our secure NoC is resilient against practical LSCAs and leaks almost no information while having a minimal area and power overhead.

show abstract

LiD-CAT: A Lightweight Detector for Cache ATtacks

Cited by 8 publications

References 16 publications

MATANA: A Reconfigurable Framework for Runtime Attack Detection Based on the Analysis of Microarchitectural Signals

MATANA: A Reconfigurable Framework for Runtime Attack Detection Based on the Analysis of Microarchitectural Signals

MADFAM: MicroArchitectural Data Framework and Methodology

Guard-NoC: A Protection Against Side-Channel Attacks for MPSoCs

Contact Info

Product

Resources

About