Files in this item



application/pdfYAN-DISSERTATION-2019.pdf (2MB)
(no description provided)PDF


Title:Cache-based side channels: Modern attacks and defenses
Author(s):Yan, Mengjia
Director of Research:Torrellas, Josep
Doctoral Committee Chair(s):Torrellas, Josep
Doctoral Committee Member(s):Fletcher, Christopher W.; Marinov, Darko; Emer, Joel; Lee, Ruby B.; Morrison, Adam
Department / Program:Computer Science
Discipline:Computer Science
Degree Granting Institution:University of Illinois at Urbana-Champaign
Subject(s):side channel
attacks and defenses
Abstract:Security and trustworthiness are key considerations in designing modern processor hardware. It has been shown that, among various data leakage attacks, side channel attacks are one of the most effective and stealthy ones. In a side channel attack, an attacker can steal encryption keys, monitor keystrokes or reveal a user's personal information by leveraging the information derived from the side effects of a program's execution. These side effects include timing information, micro-architecture states, power consumption, electromagnetic leaks and even sound. This thesis studies the important type of micro-architecture side channel attacks that exploit the shared cache hierarchies. Recently, we have witnessed ever more effective cache-based side attack techniques and the serious security threats posed by these attacks. It is urgent for computer architects to redesign processors and fix these vulnerabilities promptly and effectively. We address the cache-based side channel security problems in two ways. First, as modern caches are temporally and spatially shared across different security domains, the shared cache hierarchy offers a broad attack surface. It provides attackers a number of ways to interfere with a victim's execution and cache behavior, which, in turn, significantly increases side channel vulnerabilities. We study the role of cache interference in different cache attacks and propose effective solutions to mitigate shared cache attacks by limiting malicious interference. According to our analysis, in a multi-level cache hierarchy, creating "inclusion victims" is the key in a successful attack, since they give an attacker visibility into a victim's private cache and glean useful information. Based on this important observation, we present a secure hierarchy-aware cache replacement policy (SHARP) to defeat cache attacks on inclusive cache hierarchies by eliminating inclusion victims. In addition, we show that inclusion victims also exist in non-inclusive cache hierarchies and that the non-inclusive property is insufficient to stave off cache-based side channel attacks. We design the first two conflict-based cache attacks targeting the directory structure in a non-inclusive cache hierarchy, and prove that the directory structure is actually the unified attack surface for all types of cache hierarchies, including inclusive, non-inclusive and exclusive ones. To address this problem, we present the first scalable secure directory (SecDir) design to eliminate inclusion victims by restructuring the directory organization. Second, cache-based side channel attacks play an important role in transient execution attacks, leading to arbitrary information leakage and the violation of memory isolation policy. Specifically, in transient execution attacks, speculative execution causes the execution of instructions on incorrect paths. Such instructions potentially access secret, leaving side effects on the cache hierarchies before being squashed. We study how to effectively defend against transient execution attacks on the cache hierarchies by hiding the side effects of transient load instructions. We call our scheme "Invisible Speculation" (InvisiSpec). It is the first robust hardware defense mechanism against transient cache-based side channel attacks for multiprocessors.
Issue Date:2019-10-04
Rights Information:Copyright 2019 Mengjia Yan
Date Available in IDEALS:2020-03-02
Date Deposited:2019-12

This item appears in the following Collection(s)

Item Statistics