A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
Filters
Shielding Software From Privileged Side-Channel Attacks
2018
USENIX Security Symposium
Preserved Fulltext
This paper presents defenses against page table and last-level cache (LLC) side-channel attacks launched by a compromised OS kernel. ...
Shielding systems such as InkTag, Haven, and Virtual Ghost protect sensitive application data from compromised OS kernels. However, such systems are still vulnerable to side-channel attacks. ...
Acknowledgements The authors thank the anonymous reviewers for their insightful feedback. This work was supported by NSF Awards CNS-1319353, CNS-1618497, CNS-1618588, CNS-1629770, and CNS-1652280. ...
dblp:conf/uss/DongSCCD18
fatcat:3gvp7yemobcr3ps5v2im7jae5y
Chunked-Cache: On-Demand and Scalable Cache Isolation for Security Architectures
[article]
2021
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
Cache partitioning defenses, on the other hand, provide the strict resource partitioning and effectively block all side-channel threats. ...
However, they usually rely on way-based partitioning which is not fine-grained and cannot scale to support a larger number of protection domains, e.g., in trusted execution environment (TEE) security architectures ...
SecDCP [96] forms security classes of applications with similar security requirements and assigns cache ways to them. ...
arXiv:2110.08139v1
fatcat:fghri7xtovfgzb74gurdsw6x4y
DAWG: A Defense Against Cache Timing Attacks in Speculative Execution Processors
2018
2018 51st Annual IEEE/ACM International Symposium on Microarchitecture (MICRO)
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
We also thank our anonymous reviewers and Julian Shun for helpful questions and comments. ...
We are grateful to Carl Waldspurger for his valuable feedback on the initial design as well as the final presentation of this paper. ...
SecDCP [55] demonstrate dynamic allocation policies, assuming a secure partitioning mechanism is available; they provide only 'one-way protection' for a privileged enclave with no communication. ...
doi:10.1109/micro.2018.00083
dblp:conf/micro/KirianskyLADE18
fatcat:dcxkoz3pdzbujorqukwpmeocw4
HybCache: Hybrid Side-Channel-Resilient Caches for Trusted Execution Environments
[article]
2019
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
More importantly, they assume that side-channel-resilient caches are required for the entire execution workload and do not allow to selectively enable the mitigation only for the security-critical portion ...
We present a generic mechanism for a flexible and soft partitioning of set-associative caches and propose a hybrid cache architecture, called HybCache. ...
Acknowledgments We thank our anonymous reviewers for their valuable and constructive feedback. We also acknowledge the relevant work of Tassneem ...
arXiv:1909.09599v1
fatcat:ermtym2zpbdxvbrmtbb3jvrw5m
Timing Cache Accesses to Eliminate Side Channels in Shared Software
[article]
2020
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Other Versions
To eliminate the timing side channel, we ensure that the first access by a process to any cache line loaded by another process results in a miss. ...
Timing side channels have been used to extract cryptographic keys and sensitive documents, even from trusted enclaves. ...
We thank Sreepathi Pai for his feedback during early discussions of the ideas in this paper. ...
arXiv:2009.14732v1
fatcat:mvh4bqq5wbcftdut7dvsnbuhw4
SpecBox: A Label-Based Transparent Speculation Scheme Against Transient Execution Attacks
[article]
2021
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
It dynamically partitions the cache system to isolate speculative data and non-speculative data, which can prevent transient execution from being observed by subsequent execution. ...
Our security analysis shows that SpecBox is secure and the performance evaluation shows that the performance overhead on SPEC CPU 2006 and PARSEC-3.0 benchmarks is small. ...
SecDCP [65] dynamically adjusts domain sizes according to the number of incurred cache misses to improve the performance of CAT partitioning. ...
arXiv:2107.08367v1
fatcat:3ax63aj3zndoplhjorwu5ly6ti
A Survey of Microarchitectural Side-channel Vulnerabilities, Attacks and Defenses in Cryptography
[article]
2021
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
One popular type of such attacks is the microarchitectural attack, where the adversary exploits the hardware features to break the protection enforced by the operating system and steal the secrets from ...
Side-channel attacks have become a severe threat to the confidentiality of computer applications and systems. ...
SecDCP Cache [209] improved over SecVerilog cache by dynamically partitioning the cache for different processes based on the cache miss rate of instructions at runtime. ...
arXiv:2103.14244v1
fatcat:u35eyivqbngplfa4qrswfsqqti
New Attacks and Defenses for Randomized Caches
[article]
2019
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
The last level cache is vulnerable to timing based side channel attacks because it is shared by the attacker and the victim processes even if they are located on different cores. ...
These timing attacks evict the victim cache lines using small conflict groups(SCG), and monitor the cache to observe when the victim uses these cache lines again. ...
SecDCP [50] , DAWG [25] , PLCache [51] use way partitioning to allocate different ways of a set to different security domains. ...
arXiv:1909.12302v1
fatcat:cqh6tdvxuja3bcms7nar67pmiq
Efficient and Verifiable Timing Channel Protection for Multi-Core Processors
2017
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
We proposed multiple protection mechanisms for on-chip networks, caches and memory controllers. ...
In this thesis, we explored new timing channel attacks and developed timing channel protection schemes for some of the hardware resources in a multi-core processor. ...
We proposed SecDCP, a scheme that allows secure dynamic cache partitioning to defend against cache timing channel attacks, while significantly improving the performance of static partitioning. ...
doi:10.7298/x49k487w
fatcat:rmvk3bauhrandl3yf2cbnkm4cm
Cache Telepathy: Leveraging Shared Resource Attacks to Learn DNN Architectures
[article]
2018
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
This paper presents Cache Telepathy: a fast and accurate mechanism to steal a DNN's architecture using the cache side channel. ...
Such information can be leaked through the cache side channel. This paper uses Prime+Probe and Flush+Reload to attack VGG and ResNet DNNs running OpenBLAS and Intel MKL libraries. ...
Further, there are proposals for security-oriented cache mechanisms such as PLCache [45] , Random Fill Cache [46] , SHARP [47] and SecDCP [48] . ...
arXiv:1808.04761v1
fatcat:ny35x6nm4jamzisnscclztj7gq
System Architecture Designs for Secure, Flexible and Openly-Accessible Enclave Computing
2022
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf.
side-channel resilient enclaves. ...
In the last decade, security architectures became prominent which protect sensitive data in isolated execution environments, called enclaves or Trusted Execution Environments (TEEs), that are backed by ...
Acknowledgments
Acknowledgments We thank our anonymous reviewers for their valuable and constructive feedback. ...
doi:10.26083/tuprints-00021487
fatcat:kmbfkbzolrhhdgexphbkvk2nyu
Securing Processors from Time Side Channels
unpublished
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
At the same time, cores inside SoCs are supposed to be fast levering many predictors and resource sharing for efficiency. ...
Using predictors like caches and branch predictors can have side effects that leak information across time domains. ...
SecDCP [29] shows a mechanism to dynamically partition a last level cache. For resources with different utilization ratio, it should have a better performance to have dynamic partitioning. ...
fatcat:gg2coznafvettkdk2rif7staku
Flexible Hardware-based Security-aware Mechanisms and Architectures
2023
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2023; you can also visit the original URL.
The file type is application/pdf.
For decades, software security has been the primary focus in securing our computing platforms. ...
This has been further leveraged in developing hardware-based dedicated security extensions and architectures to protect software from attacks exploiting software vulnerabilities such as memory corruption ...
Innovation (CloSer project), and the Intel Collaborative Research Institute for Secure Computing (ICRI-SC). ...
doi:10.26083/tuprints-00023042
fatcat:ua4kvfc4endv5bhd4wglhzplue
Raising The Bar: Advancing Mitigations Against Memory-Corruption and Side-Channel Attacks
2022
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf.
Memory-corruption attacks have been one of the most severe security threats for decades, despite the tremendous efforts of the security community: according to data published by Microsoft in 2019, 70% ...
The complexity of computer programs has been increasing for multiple decades. As a result, the number and impact of security vulnerabilities have been rising as well. ...
Acknowledgments
Acknowledgments We are grateful to our anonymous reviewers and our shepherd Mihai Christodorescu for their constructive feedback. ...
doi:10.26083/tuprints-00021436
fatcat:udtvwmmqrngkfkburnkgz6mxsa