|
In cache-based side-channel attacks, an attacker with no special privileges or physical access can extract secrets from a victim process by observing its memory accesses through a shared cache. Such attacks have been demonstrated on a number of platforms, and represent a dangerous and open threat. This project explores side-channel attacks on the shared lower-level-caches (LLCs) in modern CPUs.
The investigators demonstrate the feasibility of these types of attacks, and explores defenses against these attacks and against colluding attacks at different levels of the cache hierarchy. The project develops security metrics for expressing side-channel vulnerability and correlates them to the ease of reconstructing the secret data from the leaked side-channel information. These new metrics and tools developed in this work will assist in rigorous evaluation of the security of systems with respect to these types of attacks.
|
TWC: Small: Side Channels through Lower-Level Caches: Attacks, Defenses and Security Metrics