Cache-based side channels: Modern attacks and defenses.
Degree: PhD, Computer Science, 2019, University of Illinois – Urbana-Champaign
Security and trustworthiness are key considerations in designing modern processor hardware. It has been shown that, among various data leakage attacks, side channel attacks are one of the most effective and stealthy ones. In a side channel attack, an attacker can steal encryption keys, monitor keystrokes or reveal a user's personal information by leveraging the information derived from the side effects of a program's execution. These side effects include timing information, micro-architecture states, power consumption, electromagnetic leaks and even sound.
This thesis studies the important type of micro-architecture side channel attacks that exploit the shared cache hierarchies. Recently, we have witnessed ever more effective cache-based side attack techniques and the serious security threats posed by these attacks. It is urgent for computer architects to redesign processors and fix these vulnerabilities promptly and effectively.
We address the cache-based side channel security problems in two ways.
First, as modern caches are temporally and spatially shared across different security domains, the shared cache hierarchy offers a broad attack surface. It provides attackers a number of ways to interfere with a victim's execution and cache behavior, which, in turn, significantly increases side channel vulnerabilities. We study the role of cache interference in different cache attacks and propose effective solutions to mitigate shared cache attacks by limiting malicious interference.
According to our analysis, in a multi-level cache hierarchy, creating "inclusion victims" is the key in a successful attack, since they give an attacker visibility into a victim's private cache and glean useful information. Based on this important observation, we present a secure hierarchy-aware cache replacement policy (SHARP) to defeat cache attacks on inclusive cache hierarchies by eliminating inclusion victims. In addition, we show that inclusion victims also exist in non-inclusive cache hierarchies and that the non-inclusive property is insufficient to stave off cache-based side channel attacks. We design the first two conflict-based cache attacks targeting the directory structure in a non-inclusive cache hierarchy, and prove that the directory structure is actually the unified attack surface for all types of cache hierarchies, including inclusive, non-inclusive and exclusive ones. To address this problem, we present the first scalable secure directory (SecDir) design to eliminate inclusion victims by restructuring the directory organization.
Second, cache-based side channel attacks play an important role in transient execution attacks, leading to arbitrary information leakage and the violation of memory isolation policy. Specifically, in transient execution attacks, speculative execution causes the execution of instructions on incorrect paths. Such instructions potentially access secret, leaving side effects on the cache hierarchies before being squashed. We study how to effectively defend against transient execution attacks on…
Advisors/Committee Members: Torrellas, Josep (advisor), Torrellas, Josep (Committee Chair), Fletcher, Christopher W. (committee member), Marinov, Darko (committee member), Emer, Joel (committee member), Lee, Ruby B. (committee member), Morrison, Adam (committee member).
Subjects/Keywords: side channel; cache; security; attacks and defenses; micro-architecture
to Zotero / EndNote / Reference
APA (6th Edition):
Yan, M. (2019). Cache-based side channels: Modern attacks and defenses. (Doctoral Dissertation). University of Illinois – Urbana-Champaign. Retrieved from http://hdl.handle.net/2142/106167
Chicago Manual of Style (16th Edition):
Yan, Mengjia. “Cache-based side channels: Modern attacks and defenses.” 2019. Doctoral Dissertation, University of Illinois – Urbana-Champaign. Accessed March 02, 2021.
MLA Handbook (7th Edition):
Yan, Mengjia. “Cache-based side channels: Modern attacks and defenses.” 2019. Web. 02 Mar 2021.
Yan M. Cache-based side channels: Modern attacks and defenses. [Internet] [Doctoral dissertation]. University of Illinois – Urbana-Champaign; 2019. [cited 2021 Mar 02].
Available from: http://hdl.handle.net/2142/106167.
Council of Science Editors:
Yan M. Cache-based side channels: Modern attacks and defenses. [Doctoral Dissertation]. University of Illinois – Urbana-Champaign; 2019. Available from: http://hdl.handle.net/2142/106167