Title |
---|
Cyclone: Detecting Contention-Based Cache Information Leaks Through Cyclic Interference |
Abstract |
---|
Micro-architecture units like caches are notorious for leaking secrets across security domains. An attacker program can contend for on-chip state or bandwidth and can even use speculative execution in processors to drive this contention; protecting against all contention-driven attacks is exceptionally challenging. Prior works can mitigate contention channels through caches by partitioning the larger, lower-level caches or by looking for anomalous performance or contention behavior. Neither scales to the large number of fine-grained domains required by browsers and web services that place many domains within the same address space. |
We observe that cache contention channels have a unique property: contention leaks information only when it is cyclic, i.e., domain A interferes with domain B, followed by interference from B to A. We propose to use this cyclic interference property to detect micro-architectural attacks as anomalous cyclic interference. Unlike partitioning, our detection approach scales to many concurrent domains in a single address space; and unlike prior anomaly detectors, cyclic interference is robust to noise from benign interference. |
We track cyclic interference using non-intrusive detectors in an out-of-order core and stress test our prototype, Cyclone, with fine-grained isolation in browsers (against speculation-driven attacks) and coarse-grained isolation of cores (against covert channels embedded in database and machine learning workloads). Full-system simulations on an ARM micro-architecture show close to perfect detection rates and 260 - 1000× lower false positives than using (state-of-the-art) contention alone, with slowdowns of only ~3.6%. |
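The cyclic-interference property the abstract relies on, as an added Python toy model that is not Cyclone's detector or any code from the paper: it replays a constructed trace of per-domain cache-set accesses, records which domain displaced which, and counts only interference that is reversed within a window, so a benign trace dominated by one-way interference stays below the threshold while an alternating trace is flagged. The one-line-per-set cache, the window of 16 accesses, the threshold of 10 cycles per 100 accesses and both traces are assumptions for illustration.

```python
from collections import defaultdict
# Toy model of the abstract's cyclic-interference idea (not Cyclone's hardware).
# A trace is a list of (domain, cache_set) accesses to a one-line-per-set cache:
# the last toucher owns the set, domain a interferes with b by touching a set b
# owned, and a cycle is a->b on set s followed by b->a on s within `window`.

def interference_events(trace):
    """Return (position, src, dst, cache_set) for every interference."""
    owner, events = {}, []
    for pos, (domain, cset) in enumerate(trace):
        prev = owner.get(cset)
        if prev is not None and prev != domain:
            events.append((pos, domain, prev, cset))
        owner[cset] = domain
    return events

def count_cycles(events, window):
    """Cycles per unordered domain pair; each event closes at most one cycle."""
    cycles = defaultdict(int)
    pending = []  # interference events that may still be reversed in time
    for pos, src, dst, cset in events:
        pending = [e for e in pending if pos - e[0] <= window]
        for i, (_, s, d, c) in enumerate(pending):
            if s == dst and d == src and c == cset:
                cycles[frozenset((src, dst))] += 1
                del pending[i]  # a reversed event is consumed by its cycle
                break
        pending.append((pos, src, dst, cset))
    return cycles

def cycle_rates(trace, window=16):
    """Cyclic interference per 100 accesses, keyed by sorted domain pair."""
    cycles = count_cycles(interference_events(trace), window)
    return {tuple(sorted(p)): 100.0 * n / len(trace) for p, n in cycles.items()}

def flagged_pairs(trace, threshold=10.0, window=16):
    """Domain pairs whose cyclic-interference rate reaches the threshold."""
    return {p for p, r in cycle_rates(trace, window).items() if r >= threshold}

# Constructed benign trace: "web" streams sets 0..7; "ad" touches set 3 every 40 accesses.
BENIGN = []
for i in range(400):
    if i % 40 == 20:
        BENIGN.append(("ad", 3))
    BENIGN.append(("web", i % 8))

# Constructed alternating trace: "attacker" re-touches sets 0..3, "victim" touches set 2 in between.
ALTERNATING = []
for _ in range(80):
    ALTERNATING += [("attacker", s) for s in range(4)] + [("victim", 2)]
```

Counting cycles rather than raw interference is what separates the two traces: the benign trace produces 20 interference events but only 10 reversals over 410 accesses, while the alternating trace reverses on almost every event.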
Year | DOI | Venue |
---|---|---|
2019 | 10.1145/3352460.3358273 | Proceedings of the 52nd Annual IEEE/ACM International Symposium on Microarchitecture |

Keywords | Field | DocType |
---|---|---|
anomaly detection, secure architectures, side-channel defenses | Address space, Anomaly detection, Computer science, Speculative execution, Cache, Parallel computing, Computer network, Communication channel, Bandwidth (signal processing), Interference (wave propagation), False positive paradox | Conference |

ISBN | Citations | PageRank |
---|---|---|
978-1-4503-6938-1 | 2 | 0.36 |

References | Authors |
---|---|
0 | 6 |

Name | Order | Citations | PageRank |
---|---|---|---|
Austin Harris | 1 | 50 | 2.63 |
Shijia Wei | 2 | 3 | 0.72 |
Prateek Sahu | 3 | 9 | 0.86 |
Pranav Kumar | 4 | 2 | 0.36 |
Todd M. Austin | 5 | 38 | 4.71 |
Mohit Tiwari | 6 | 445 | 23.94 |