Abstract
Protecting critical information against eviction-based cache side-channel attacks has always been challenging. In these attacks, attacker reveals secrets by observing cache lines evicted by the co-running applications. A precondition for such attacks is that the attacker needs a set of cache lines mapped to memory addresses belonging to victim, called eviction set. Attacker learns eviction set by loading the cache lines at random and then it observes their evictions as a result of victim access. We have found that the relation between the incoming memory location and the resulting evicted cache line eases the learning of an eviction set. In this paper, we propose Indirect Eviction Cache (IE-Cache) that is based on the principle of indirect eviction to harden the building of eviction set. In an eviction process of IE-Cache, incoming memory triggers series of replacements based on the cached memory addresses and a secure-indexing function, and the last replaced cache line is evicted. This increases the set size and introduces non-evicting cache lines in the eviction set. Through experimental results, we have shown that a 4-way set associative IE-Cache having 1MB and up to 3 replacements per eviction would require an attacker to generate \({\approx }2^{59}\) memory accesses to learn an eviction set with 99% confidence. Moreover, it achieves 1–3% speedup compared to set-associative cache with a random-replacement policy on PARSEC benchmarks.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Gruss, D., Maurice, C., Wagner, K., Mangard, S.: Flush+Flush: a fast and stealthy cache attack. In: Caballero, J., Zurutuza, U., Rodríguez, R.J. (eds.) DIMVA 2016. LNCS, vol. 9721, pp. 279–299. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-40667-1_14
Lipp, M., Gruss, D., Spreitzer, R., Maurice, C., Mangard, S.: Armageddon: cache attacks on mobile devices. In: 25th USENIX Security Symposium, Austin, TX, pp. 549–564. USENIX Association (2016)
Liu, F., Yarom, Y., Ge, Q., Heiser, G., Lee, R.B.: Last-level cache side-channel attacks are practical. In: 2015 IEEE Symposium on Security and Privacy, pp. 605–622, May 2015
Yarom, Y., Falkner, K.: Flush+reload: a high resolution, low noise, L3 cache side-channel attack. In: 23rd USENIX Security Symposium (USENIX Security 2014), San Diego, CA, pp. 719–732. USENIX Association (2014)
Kocher, P., et al.: Spectre attacks: exploiting speculative execution. In: 40th IEEE Symposium on Security and Privacy (S&P 2019) (2019)
Lipp, M., et al.: Meltdown: reading kernel memory from user space. In: 27th USENIX Security Symposium (USENIX Security 2018) (2018)
Kim, T., Peinado, M., Mainar-Ruiz, G.: STEALTHMEM: system-level protection against cache-based side channel attacks in the cloud. In: Presented as Part of the 21st USENIX Security Symposium (USENIX Security 2012), Bellevue, WA, pp. 189–204. USENIX (2012)
Kiriansky, V., Lebedev, I., Amarasinghe, S., Devadas, S., Emer, J.: DAWG: a defense against cache timing attacks in speculative execution processors. In: 2018 51st Annual IEEE/ACM International Symposium on Microarchitecture (MICRO), pp. 974–987, October 2018
Kong, J., Aciicmez, O., Seifert, J.-P., Zhou, H.: Deconstructing new cache designs for thwarting software cache-based side channel attacks. In: Proceedings of the 2Nd ACM Workshop on Computer Security Architectures, CSAW 2008, pp. 25–34. ACM (2008)
Liu, F., Wu, H., Mai, K., Lee, R.B.: Newcache: secure cache architecture thwarting cache side-channel attacks. IEEE Micro 36(5), 8–16 (2016)
Liu, F., et al.: Catalyst: defeating last-level cache side channel attacks in cloud computing, March 2016
Liu, F., et al.: Catalyst: defeating last-level cache side channel attacks in cloud computing. In: 2016 HPCA, pp. 406–418, March 2016
Fiore, U., Florea, A., Gellert, A., Vintan, L., Zanetti, P.: Optimal partitioning of LLC in CAT-enabled CPUs to prevent side-channel attacks. In: Castiglione, A., Pop, F., Ficco, M., Palmieri, F. (eds.) CSS 2018. LNCS, vol. 11161, pp. 115–123. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-01689-0_9
Scattercache: thwarting cache attacks via cache set randomization. In: 28th USENIX Security Symposium, Santa Clara, CA. USENIX Association (2019)
Purnal, A., Verbauwhede, I.: Advanced profiling for probabilistic prime+probe attacks and covert channels in scattercache. arXiv, abs/1908.03383 (2019)
Sanchez, D., Kozyrakis, C.: ZSim: fast and accurate microarchitectural simulation of thousand-core systems. ACM SIGARCH Comput. Architect. News 41, 475 (2013)
Vañó-García, F., Marco-Gisbert, H.: Slicedup: a tenant-aware memory deduplication for cloud computing. In: UBICOMM International Conference on Mobile Ubiquitous Computing, Systems, Services and Technologies, UBICOMM 2018, United States, pp. 15–20. IARIA, November 2018
Sanchez, D., Kozyrakis, C.: The ZCache: decoupling ways and associativity. In: 2010 43rd Annual IEEE/ACM International Symposium on Microarchitecture, pp. 187–198, December 2010
Qureshi, M.K.: CEASER: mitigating conflict-based cache attacks via encrypted-address and remapping, pp. 775–787, October 2018
McKeen, F., et al.: Intel® software guard extensions support for dynamic memory management inside an enclave. In: HASP, pp. 10:1–10:9. ACM, New York (2016)
Li, W., Xia, Y., Chen, H.: Research on arm trustzone. GetMobile Mob. Comput. Commun. 22(3), 17–22 (2019)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 IFIP International Federation for Information Processing
About this paper
Cite this paper
Mukhtar, M.A., Bhatti, M.K., Gogniat, G. (2020). IE-Cache: Counteracting Eviction-Based Cache Side-Channel Attacks Through Indirect Eviction. In: Hölbl, M., Rannenberg, K., Welzer, T. (eds) ICT Systems Security and Privacy Protection. SEC 2020. IFIP Advances in Information and Communication Technology, vol 580. Springer, Cham. https://doi.org/10.1007/978-3-030-58201-2_3
Download citation
DOI: https://doi.org/10.1007/978-3-030-58201-2_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-58200-5
Online ISBN: 978-3-030-58201-2
eBook Packages: Computer ScienceComputer Science (R0)