New cache designs for thwarting software cache-based side channel attacks

Wang, Zhenghong; Lee, Ruby B.

doi:10.1145/1273440.1250723

Cited by 242 publications

(295 citation statements)

References 8 publications

Supporting

Mentioning

291

Contrasting

Order By: Relevance

“…We do not protect against side-channels and covert channels; many previous works have addressed these issues [57,58]. We also do not protect against Denial-of-Service attacks initiated by higher privilege levels against lower levels, as higher levels can always deny service by preventing lower levels from executing.…”

Section: Threat Model and Assumptionsmentioning

confidence: 99%

A Non-Inclusive Memory Permissions architecture for protection against cross-layer attacks

Elwell

Riley

Abu-Ghazaleh

et al. 2014

2014 IEEE 20th International Symposium on High Performance Computer Architecture (HPCA)

View full text Add to dashboard Cite

Protecting modern computer systems and complex software stacks against the growing range of possible attacks is becoming increasingly difficult. The architecture of modern commodity systems allows attackers to subvert privileged system software often using a single exploit. Once the system is compromised, inclusive permissions used by current architectures and operating systems easily allow a compromised high-privileged software layer to perform arbitrary malicious activities, even on behalf of other software layers.This paper presents a hardware-supported page permission scheme for the physical pages that is based on the concept of non-inclusive sets of memory permissions for different layers of system software such as hypervisors, operating systems, and user-level applications. Instead of viewing privilege levels as an ordered hierarchy with each successive level being more privileged, we view them as distinct levels each with its own set of permissions. Such a permission mechanism, implemented as part of a processor architecture, provides a common framework for defending against a range of recent attacks. We demonstrate that such a protection can be achieved with negligible performance overhead, low hardware complexity and minimal changes to the commodity OS and hypervisor code.

show abstract

Section: Threat Model and Assumptionsmentioning

confidence: 99%

A Non-Inclusive Memory Permissions architecture for protection against cross-layer attacks

Elwell

Riley

Abu-Ghazaleh

et al. 2014

2014 IEEE 20th International Symposium on High Performance Computer Architecture (HPCA)

View full text Add to dashboard Cite

show abstract

“…-Testing to guide system design: The basic framework for information flow measurement via repeated deterministic replays presented in this paper could be used to test existing systems for inference and side channels [7][8][9][10]. -Information flow security systems: Researchers have begun to explore the possibility of building systems that enforce information flow security by comparing different outputs for different inputs [11].…”

Section: Applicationsmentioning

confidence: 99%

“…This inequality says that the entropy in the log file can only come from three sources: D, A, and N . The deterministic behavior that we did not need to log and replay from the log but did (I(L; D)) is chosen nondeterministically, meaning that before the transaction we do not know what determinism will be logged, so this term can be non-zero 10 . Any entropy from the confidential data A that was logged (I(L; A)) and then replayed will mask the entropy and can hide a covert channel from us.…”

Section: Theory Vs Practicementioning

confidence: 99%

See 1 more Smart Citation

Putting Trojans on the Horns of a Dilemma: Redundancy for Information Theft Detection

Crandall

Brevik

et al. 2009

Transactions on Computational Science IV

View full text Add to dashboard Cite

Abstract. Conventional approaches to either information flow security or intrusion detection are not suited to detecting Trojans that steal information such as credit card numbers using advanced cryptovirological and inference channel techniques. We propose a technique based on repeated deterministic replays in a virtual machine to detect the theft of private information. We prove upper bounds on the average amount of information an attacker can steal without being detected, even if they are allowed an arbitrary distribution of visible output states. Our intrusion detection approach is more practical than traditional approaches to information flow security. We show that it is possible to, for example, bound the average amount of information an attacker can steal from a 53-bit credit card number to less than a bit by sampling only 11 of the 2 53 possible outputs visible to the attacker, using a two-pronged approach of hypothesis testing and information theory.

show abstract

“…Subsequent research verified the correctness of the findings [11,10,9,15], improved the attack technically [14,3,8] or algorithmically [5], and devised and analysed countermeasures [6,4,16].…”

Section: Introductionmentioning

confidence: 95%