Paper Info
Title
Partial-SMT: Core-Scheduling Protection Against SMT Contention-Based Attacks
Abstract
Numerous recent works in side-channel attacks have experimentally shown that Simultaneous Multi-Threading (SMT) inherently has a broader attack surface as it exposes more microarchitecture components per-core than cross-core. Existing mechanisms that protect against these attacks either incur high execution costs or are ineffective against certain attack variants. In this paper, we propose Partial-SMT, a system based on core-scheduling that protects security-critical programs from all contention-based attacks due to SMT. Partial-SMT allocates some complete physical cores for the exclusive use of the individual applications and provides a user-level threading library linked into each application to control the placement of their threads on dedicated cores, thereby preventing the attacker from accessing shared CPU resources simultaneously on the victim's core. The key insight is that by limiting ourselves to SMT contention-based side channels, we can translate the protection into an allocation policy that allocates or frees computing resources with a granularity of one physical core. Security-critical applications can be implemented on-demand and coexist with existing applications. We demonstrate that Partial-SMT effectively defeats typical SMT contention-based attacks. We modify AES and SPEC 2006 to use Partial-SMT, and they all incur the slight negligible performance overhead.
Year
DOI
Venue
2020
10.1109/TrustCom50675.2020.00059
2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)
Keywords
DocType
ISSN
Simultaneous Multi-Threading, Core scheduling, Defenses, Side Channels
Conference
2324-898X
ISBN
Citations 
PageRank 
978-1-6654-0393-1
0
0.34
References 
Authors
0
7
Name
Order
Citations
PageRank
Xiaohui Wu100.34
Yeping He27714.64
Qiming Zhou300.34
Hengtai Ma431.41
Liang He500.34
Wenhao Wang659.95
Liheng Chen700.34