Effective Analysis of Side-Channel Attacks in the Second Level Cache

Date
2017
Authors
Coronado, Andrés Rainiero Hernández
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract

The use of Cloud Computing services allows enterprises to lower their IT costs by outsourcing hardware resources to provide computing power and a diverse range of solutions without the need to acquire and maintain physical resources on their own. Different methods of virtualization allow Cloud companies to fully take advantage of their physical machines by often allocating multiple and unrelated users as co-tenants on a single computer. However, even when virtualization methods should provide total isolation between different users, spying methods have been proved to be capable of extracting information from a victim user. These methods commonly rely on the use of shared hardware resources to obtain information about the execution of a victim's program, this is known as a side-channel attack.

Multiple forms of side-channel attacks to target the Cloud have been previously proposed, these methods often target the First Level of Data Cache or the Last Level Cache requiring some modifications to the OS. The targeting of the second level cache has been suggested to not be viable due to some limitations caused by the architectural implementation of the memory translation process caused by the use of small pages by the OS. Despite such limitations, this research presents a tool capable of using the Second Level Cache as an alternative side-channel in both non-virtualized and virtualized environments.

The research lays its foundations in previous work that proposes a specific measurement method known as Prime+Probe. This method can determine the activity of a victim's program that is concurrently being executed in the same physical processor. Three implementations tailored to target the Second Level Cache are presented, and a third new implementation is proposed capable of obtaining detailed information about the cache memory from modern hardware.

The results of these tests show how the cache memory works when the attacker has no control over the memory address translation process and confirms that the Second Level Cache can be used as an alternative side-channel, even in virtualized environments, creating a new paradigm for the Cloud Computing Security.

Description
This item is available only to currently enrolled UTSA students, faculty or staff.
Keywords
Cache memory, Computer Security, Side-channel Attacks
Citation
Department
Electrical and Computer Engineering