Cache-Based Attack and Defense on ARM Platform
In recent years, research efforts had been made to investigate a safe and secure environment for ARM platform. The new ARMv8 design had brought in with the design features that allow the secure design. However, there are still some security problems with both Cortex-A and Cortex-M series on ARMv8. For example, on Cortex-A series, there are risks that the system gets down on side-channel attacks. One major category of side-channel attacks utilizes cache memory to obtain a victim's secret information. In the cache based side-channel attacks, an attacker measures a sequence of cache operations to obtain a victim's memory access information, deriving more sensitive information. The success of such attacks highly depends on accurate information about the victim's cache accesses. Cortex-M series, on the other hand, have some design so that the side-channel attack can be prevented, but it also needs a security wrapper to ensure the security of the users' privacy data. In this thesis, we discuss the defense against side-channel attack on Cortex-A series chips, and also the security design on Cortex-M series chips. Our adaptive noise injection can significantly reduce the bandwidth of side-channel while maintaining affordable system overheads. The proposed defense mechanisms can be used on ARM Cortex-A architectures, and also in virtualized environments. Our experimental evaluation and theoretical analysis show the effectiveness and efficiency of our proposed defense.