You searched for subject:(Side channel defenses). Showing records 1 – 3 of 3 total matches.

University of Texas – Austin

1. -7290-5050. Broad-based side-channel defenses for modern microprocessors.

Degree: PhD, Computer Science, 2019, University of Texas – Austin

Private or confidential information is used in a wide variety of applications, not just including implementations of cryptographic algorithms but also including machine-learning libraries, databases, and parsers. However, even after using techniques such as encryption, authentication, and isolation, it is difficult to maintain the privacy or confidentiality of such information due to so-called side channels, with which attackers can infer sensitive information by monitoring program execution. Various side channels exist such as execution time, power consumption, exceptions, or micro-architectural components such as caches and branch predictors, and such side channels have been used to steal intellectual property, financial information, and sensitive document contents. Although numerous solutions exist for closing side channels, they are point solutions, since each solution closes an isolated set of side channels. In this dissertation, we present three compiler-based solutions – Raccoon, Escort, and Vantage – for closing digital side channels (such as the cache, address trace, and branch predictor side channels) that carry information over discrete bits, and for mitigating a non-digital side channel, specifically, the power side channel. Additionally, our compilers are customizable, since they permit the defense to be tailored to the threat model, to the program, and to the microarchitecture. More broadly, our solutions augment the compiler with information about the lower layers of the computing stack, so that the compiler is aware of potential side channels and so that the compiler can rewrite programs to avoid leaking information through those side channels. In doing so, our solutions define new abstractions that enable the compiler to reason about the program's impact on timing, power consumption, and other similar side channels. Through such abstractions, our compilers detect and prevent a broad set of digital and non-digital leakage on modern microarchitectures.

Advisors/Committee Members: Lin, Yun Calvin (advisor), Tiwari, Mohit (advisor), Dillig, Isil (committee member), Witchel, Emmett (committee member), Evans, David (committee member).

Subjects/Keywords: Side-channel defenses


APA (6th Edition):

-7290-5050. (2019). Broad-based side-channel defenses for modern microprocessors. (Doctoral Dissertation). University of Texas – Austin. Retrieved from http://dx.doi.org/10.26153/tsw/2661

Note: this citation may be lacking information needed for this citation format:
Author name may be incomplete

Chicago Manual of Style (16th Edition):

-7290-5050. “Broad-based side-channel defenses for modern microprocessors.” 2019. Doctoral Dissertation, University of Texas – Austin. Accessed February 27, 2021. http://dx.doi.org/10.26153/tsw/2661.


MLA Handbook (7th Edition):

-7290-5050. “Broad-based side-channel defenses for modern microprocessors.” 2019. Web. 27 Feb 2021.


Vancouver:

-7290-5050. Broad-based side-channel defenses for modern microprocessors. [Internet] [Doctoral dissertation]. University of Texas – Austin; 2019. [cited 2021 Feb 27]. Available from: http://dx.doi.org/10.26153/tsw/2661.


Council of Science Editors:

-7290-5050. Broad-based side-channel defenses for modern microprocessors. [Doctoral Dissertation]. University of Texas – Austin; 2019. Available from: http://dx.doi.org/10.26153/tsw/2661



University of California – Irvine

2. Crane, Stephen. Enhancing and Extending Software Diversity.

Degree: Computer Science, 2015, University of California – Irvine

Software immunity through diversity is a promising research direction. Address Space Layout Randomization has been widely deployed to defend against code-reuse attacks and significantly raises the bar for attackers. However, automated software diversity is still exploitable by adroit and adaptable adversaries. Using powerful memory disclosure attacks, offensive researchers have demonstrated weaknesses in conventional randomization techniques. In addition, current defenses are largely passive and allow attackers to continuously brute-force randomized defenses with little impediment. Building on the foundation of automated software diversity, we propose novel techniques to strengthen the security and broaden the impact of code randomization. We first discuss software booby traps, a new active defense technique enabled by randomized program contents. We then propose, implement, and evaluate a comprehensive randomization-based system, Readactor++, which is resilient to all types of memory disclosure attacks. Readactor++ enforces execute-only memory protections on commodity x86 processors, thus preventing direct disclosure of randomized code. We also identify the indirect disclosure attack, a new class of code leakage via data disclosure, and mitigate this attack as well. By integrating booby traps into our system, we protect against brute-force memory disclosure attempts. In our evaluation we find that Readactor++ compares favorably to other memory-disclosure resilient code-reuse defenses and that it scales effectively to complex, real-world software. Finally, we propose a novel extension of code randomization to mitigate side-channel rather than code-reuse attacks. Using control-flow diversity, a novel control-flow transformation, we introduce dynamic behavior into program side effects with fast, static code. As an example, we apply this technique to mitigate an AES cache side-channel attack. 
With our techniques, software diversity can now be efficiently secured against advanced attacks, including memory disclosure and function table reuse, and is adaptable to combat new classes of threats, such as side-channel attacks.

Subjects/Keywords: Computer science; Code-reuse Attacks; Computer Security; Side-channel Attacks; Software Defenses; Software Diversity


APA (6th Edition):

Crane, S. (2015). Enhancing and Extending Software Diversity. (Thesis). University of California – Irvine. Retrieved from http://www.escholarship.org/uc/item/45w3n70k

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Chicago Manual of Style (16th Edition):

Crane, Stephen. “Enhancing and Extending Software Diversity.” 2015. Thesis, University of California – Irvine. Accessed February 27, 2021. http://www.escholarship.org/uc/item/45w3n70k.


MLA Handbook (7th Edition):

Crane, Stephen. “Enhancing and Extending Software Diversity.” 2015. Web. 27 Feb 2021.

Vancouver:

Crane S. Enhancing and Extending Software Diversity. [Internet] [Thesis]. University of California – Irvine; 2015. [cited 2021 Feb 27]. Available from: http://www.escholarship.org/uc/item/45w3n70k.


Council of Science Editors:

Crane S. Enhancing and Extending Software Diversity. [Thesis]. University of California – Irvine; 2015. Available from: http://www.escholarship.org/uc/item/45w3n70k


3. Yan, Mengjia. Cache-based side channels: Modern attacks and defenses.

Degree: PhD, Computer Science, 2019, University of Illinois – Urbana-Champaign

Security and trustworthiness are key considerations in designing modern processor hardware. It has been shown that, among various data leakage attacks, side channel attacks are one of the most effective and stealthy ones. In a side channel attack, an attacker can steal encryption keys, monitor keystrokes or reveal a user's personal information by leveraging the information derived from the side effects of a program's execution. These side effects include timing information, micro-architecture states, power consumption, electromagnetic leaks and even sound. This thesis studies the important type of micro-architecture side channel attacks that exploit the shared cache hierarchies. Recently, we have witnessed ever more effective cache-based side attack techniques and the serious security threats posed by these attacks. It is urgent for computer architects to redesign processors and fix these vulnerabilities promptly and effectively. We address the cache-based side channel security problems in two ways. First, as modern caches are temporally and spatially shared across different security domains, the shared cache hierarchy offers a broad attack surface. It provides attackers a number of ways to interfere with a victim's execution and cache behavior, which, in turn, significantly increases side channel vulnerabilities. We study the role of cache interference in different cache attacks and propose effective solutions to mitigate shared cache attacks by limiting malicious interference. According to our analysis, in a multi-level cache hierarchy, creating "inclusion victims" is the key in a successful attack, since they give an attacker visibility into a victim's private cache and glean useful information. Based on this important observation, we present a secure hierarchy-aware cache replacement policy (SHARP) to defeat cache attacks on inclusive cache hierarchies by eliminating inclusion victims. 
In addition, we show that inclusion victims also exist in non-inclusive cache hierarchies and that the non-inclusive property is insufficient to stave off cache-based side channel attacks. We design the first two conflict-based cache attacks targeting the directory structure in a non-inclusive cache hierarchy, and prove that the directory structure is actually the unified attack surface for all types of cache hierarchies, including inclusive, non-inclusive and exclusive ones. To address this problem, we present the first scalable secure directory (SecDir) design to eliminate inclusion victims by restructuring the directory organization. Second, cache-based side channel attacks play an important role in transient execution attacks, leading to arbitrary information leakage and the violation of memory isolation policy. Specifically, in transient execution attacks, speculative execution causes the execution of instructions on incorrect paths. Such instructions potentially access secret, leaving side effects on the cache hierarchies before being squashed. We study how to effectively defend against transient execution attacks on…

Advisors/Committee Members: Torrellas, Josep (advisor), Torrellas, Josep (Committee Chair), Fletcher, Christopher W. (committee member), Marinov, Darko (committee member), Emer, Joel (committee member), Lee, Ruby B. (committee member), Morrison, Adam (committee member).

Subjects/Keywords: side channel; cache; security; attacks and defenses; micro-architecture


APA (6th Edition):

Yan, M. (2019). Cache-based side channels: Modern attacks and defenses. (Doctoral Dissertation). University of Illinois – Urbana-Champaign. Retrieved from http://hdl.handle.net/2142/106167

Chicago Manual of Style (16th Edition):

Yan, Mengjia. “Cache-based side channels: Modern attacks and defenses.” 2019. Doctoral Dissertation, University of Illinois – Urbana-Champaign. Accessed February 27, 2021. http://hdl.handle.net/2142/106167.

MLA Handbook (7th Edition):

Yan, Mengjia. “Cache-based side channels: Modern attacks and defenses.” 2019. Web. 27 Feb 2021.

Vancouver:

Yan M. Cache-based side channels: Modern attacks and defenses. [Internet] [Doctoral dissertation]. University of Illinois – Urbana-Champaign; 2019. [cited 2021 Feb 27]. Available from: http://hdl.handle.net/2142/106167.

Council of Science Editors:

Yan M. Cache-based side channels: Modern attacks and defenses. [Doctoral Dissertation]. University of Illinois – Urbana-Champaign; 2019. Available from: http://hdl.handle.net/2142/106167
