Visible to the public More Secure Collaborative APIs Resistant to Flush+Reload and Flush+Flush Attacks on ARMv8-A

Submitted by grigby1 on Fri, 08/14/2020 - 10:44am
TitleMore Secure Collaborative APIs Resistant to Flush+Reload and Flush+Flush Attacks on ARMv8-A
Publication TypeConference Paper
Year of Publication2019
AuthorsGe, Jingquan, Gao, Neng, Tu, Chenyang, Xiang, Ji, Liu, Zeyi
Conference Name2019 26th Asia-Pacific Software Engineering Conference (APSEC)
KeywordsAPIs, application program interfaces, application programming interface, ARMv8 A, ARMv8-A processor, cache storage, Collabo rative API, compositionality, flush operation API, Flush+Flush attack, Flush+Flush cache attacks, Flush+Reload attack, microprocessor chips, mobile computing, mobile phones, obfuscation techniques, performance evaluation, program diagnostics, pubcrawl, resilience, Resiliency, secure collaborative API, security of data, static code analysis schemes, suspected Flush+Reload, tablets
AbstractWith the popularity of smart devices such as mobile phones and tablets, the security problem of the widely used ARMv8-A processor has received more and more attention. Flush+Reload and Flush+Flush cache attacks have become two of the most important security threats due to their low noise and high resolution. In order to resist Flush+Reload and Flush+Flush attacks, researchers proposed many defense methods. However, these existing methods have various shortcomings. The runtime defense methods using hardware performance counters cannot detect attacks fast enough, effectively detect Flush+Flush or avoid a high false positive rate. Static code analysis schemes are powerless for obfuscation techniques. The approaches of permanently reducing the resolution can only be utilized on browser products and cannot be applied in the system. In this paper, we design two more secure collaborative APIs-flush operation API and high resolution time API-which can resist Flush+Reload and Flush+Flush attacks. When the flush operation API is called, the high resolution time API temporarily reduces its resolution and automatically restores. Moreover, the flush operation API also has the ability to detect and handle suspected Flush+Reload and Flush+Flush attacks. The attack and performance comparison experiments prove that the two APIs we designed are safer and the performance losses are acceptable.
DOI10.1109/APSEC48747.2019.00062
Citation Keyge_more_2019
Groups: