Effective Analysis of Side-Channel Attacks in the Second Level Cache

dc.contributor.advisor: Lee, Wonjun
dc.contributor.author: Coronado, Andrés Rainiero Hernández
dc.contributor.committeeMember: Krishnan, Ram
dc.contributor.committeeMember: Lee, Junghee
dc.description: This item is available only to currently enrolled UTSA students, faculty or staff.
dc.description.abstract: The use of Cloud Computing services allows enterprises to lower their IT costs by outsourcing hardware resources to provide computing power and a diverse range of solutions without the need to acquire and maintain physical resources on their own. Different methods of virtualization allow Cloud companies to take full advantage of their physical machines, often by allocating multiple unrelated users as co-tenants on a single computer. However, even though virtualization methods should provide total isolation between different users, spying methods have been proven capable of extracting information from a victim user. These methods commonly rely on shared hardware resources to obtain information about the execution of a victim's program; this is known as a side-channel attack. Multiple forms of side-channel attacks targeting the Cloud have been proposed previously; these methods often target the First Level Data Cache or the Last Level Cache, requiring some modifications to the OS. Targeting the Second Level Cache has been suggested not to be viable due to limitations caused by the architectural implementation of the memory translation process, which arise from the use of small pages by the OS. Despite such limitations, this research presents a tool capable of using the Second Level Cache as an alternative side-channel in both non-virtualized and virtualized environments. The research builds on previous work that proposes a specific measurement method known as Prime+Probe. This method can determine the activity of a victim's program that is being executed concurrently on the same physical processor. Three implementations tailored to target the Second Level Cache are presented, and a third new implementation is proposed capable of obtaining detailed information about the cache memory from modern hardware.
The results of these tests show how the cache memory works when the attacker has no control over the memory address translation process and confirm that the Second Level Cache can be used as an alternative side-channel, even in virtualized environments, creating a new paradigm for Cloud Computing security.
dc.description.department: Electrical and Computer Engineering
dc.format.extent: 73 pages
dc.subject: Cache memory
dc.subject: Computer Security
dc.subject: Side-channel Attacks
dc.subject.classification: Computer engineering
dc.title: Effective Analysis of Side-Channel Attacks in the Second Level Cache
thesis.degree.department: Electrical and Computer Engineering
thesis.degree.grantor: University of Texas at San Antonio
thesis.degree.name: Master of Science