Abstract
To improve the energy efficiency of computing systems, modern CPUs provide registers that give estimates on the power consumption. However, the ability to read the power consumption introduces one class of security concerns called covert channels, which are communication channels that enable one process to transmit a message to another one in a system where these processes were meant to be isolated. Our contribution consists in the first covert channel in which messages are transmitted by modulating the DRAM power consumption. The channel implementation outperforms similar proposals, achieving 1800 bps with 10% error, and 2400 bps with 15% error, when running on a notebook and on a desktop platforms, respectively, To test its robustness against application interference, we considered the channel’s performance when running concurrently with different benchmarks: MRBench, Terasort and LINPACK. When running on the notebook, the channel is fairly robust, achieving between 300 and 600 bps with around 10% error depending on the workload considered.
T. B. Paiva is supported by CAPES. R. Terada is supported by CNPq grant number 442014/2014-7.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Notice that this works because the binary messages are random, thus we expected them to have a similar number of 0’s and 1’s.
- 2.
That is, the binary case.
References
Bartolini, D.B., Miedl, P., Thiele, L.: On the capacity of thermal covert channels in multicores. In: Proceedings of the Eleventh European Conference on Computer Systems, p. 24. ACM (2016)
Bedard, D., Fowler, R., Linn, M., Porterfield, A.: PowerMon 2: fine-grained, integrated power measurement. Renaissance Computing Institute, Technical Report TR-09-04 (2009)
Coron, J.-S.: Resistance against differential power analysis for elliptic curve cryptosystems. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 292–302. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48059-5_25
Deshotels, L.: Inaudible sound as a covert channel in mobile devices. In: WOOT (2014)
Desrochers, S., Paradis, C., Weaver, V.M.: A validation of DRAM RAPL power measurements. In: Proceedings of the Second International Symposium on Memory Systems, pp. 455–470. ACM (2016)
Dongarra, J.J.: Performance of various computers using standard linear equations software (2018). http://www.netlib.org/benchmark/performance.ps
Evtyushkin, D., Ponomarev, D., Abu-Ghazaleh, N.: Covert channels through branch predictors: a feasibility study. In: Proceedings of the Fourth Workshop on Hardware and Architectural Support for Security and Privacy, p. 5. ACM (2015)
Gruss, D., Maurice, C., Wagner, K., Mangard, S.: Flush+Flush: a fast and stealthy cache attack. In: Caballero, J., Zurutuza, U., RodrÃguez, R.J. (eds.) DIMVA 2016. LNCS, vol. 9721, pp. 279–299. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-40667-1_14
Guri, M., Monitz, M., Mirski, Y., Elovici, Y.: BitWhisper: covert signaling channel between air-gapped computers using thermal manipulations. In: 2015 IEEE 28th Computer Security Foundations Symposium, pp. 276–289, July 2015. https://doi.org/10.1109/CSF.2015.26
Intel: Intel® 64 and IA-32 architectures software developer’s manual. Intel (2019). https://software.intel.com/sites/default/files/managed/22/0d/335592-sdm-vol-4.pdf
Kim, K., Jeon, K., Han, H., Kim, S.G., Jung, H., Yeom, H.Y.: MRBench: a benchmark for MapReduce framework. In: 14th IEEE International Conference on Parallel and Distributed Systems, ICPADS 2008, pp. 11–18. IEEE (2008)
Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_25
Lampson, B.W.: A note on the confinement problem. Commun. ACM 16(10), 613–615 (1973)
Long, Z., Wang, X., Jiang, Y., Cui, G., Zhang, L., Mak, T.: Improving the efficiency of thermal covert channels in multi-/many-core systems. In: 2018 Design, Automation & Test in Europe Conference & Exhibition (DATE), pp. 1459–1464. IEEE (2018)
Mangard, S.: A simple power-analysis (SPA) attack on implementations of the AES key expansion. In: Lee, P.J., Lim, C.H. (eds.) ICISC 2002. LNCS, vol. 2587, pp. 343–358. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36552-4_24
Mantel, H., Schickel, J., Weber, A., Weber, F.: How secure is green IT? The case of software-based energy side channels. In: Lopez, J., Zhou, J., Soriano, M. (eds.) ESORICS 2018. LNCS, vol. 11098, pp. 218–239. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-99073-6_11
Masti, R.J., Rai, D., Ranganathan, A., Müller, C., Thiele, L., Capkun, S.: Thermal covert channels on multi-core platforms. In: USENIX Security Symposium, pp. 865–880 (2015)
Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Power analysis attacks of modular exponentiation in smartcards. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 144–157. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48059-5_14
Michalevsky, Y., Schulman, A., Veerapandian, G.A., Boneh, D., Nakibly, G.: PowerSpy: location tracking using mobile device power analysis. In: 24th USENIX Security Symposium, USENIX Security 2015, pp. 785–800 (2015)
Miedl, P., Thiele, L.: The security risks of power measurements in multicores. In: 33rd ACM/SIGAPP Symposium on Applied Computing, SAC 2018, pp. 1585–1592. ETH Zurich (2018)
Murdoch, S.J.: Hot or not: revealing hidden services by their clock skew. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, pp. 27–36. ACM (2006)
O’Malley, O.: Terabyte sort on apache Hadoop, pp. 1–3. Yahoo, May 2008. http://sortbenchmark.org/Yahoo-Hadoop.pdf
United States Department of Defense: Trusted Computer System Evaluation Criteria (Orange Book). Technical report, National Computer Security Center (1985)
Weaver, V.M., et al.: Measuring energy and power with PAPI. In: 2012 41st International Conference on Parallel Processing Workshops (ICPPW), pp. 262–268. IEEE (2012)
Yan, L., Guo, Y., Chen, X., Mei, H.: A study on power side channels on mobile devices. In: Proceedings of the 7th Asia-Pacific Symposium on Internetware, pp. 30–38. ACM (2015)
Yao, F., Doroslovacki, M., Venkataramani, G.: Are coherence protocol states vulnerable to information leakage? In: 2018 IEEE International Symposium on High Performance Computer Architecture (HPCA), pp. 168–179. IEEE (2018)
Yarom, Y., Falkner, K.: FLUSH+RELOAD: a high resolution, low noise, L3 cache side-channel attack. In: 23rd USENIX Security Symposium, USENIX Security 2014, pp. 719–732 (2014)
Zander, S., Branch, P., Armitage, G.: Capacity of temperature-based covert channels. IEEE Commun. Lett. 15(1), 82–84 (2011)
Acknowledgments
This study was financed in part by the Coordenação de Aperfeiçoamento de Pessoal de NÃvel Superior - Brasil (CAPES) - Finance Code 001. This research is part of the INCT of the Future Internet for Smart Cities funded by CNPq proc. 465446/2014-0, Coordenação de Aperfeiçoamento de Pessoal de NÃvel Superior –Brasil (CAPES) – Finance Code 001, FAPESP proc. 14/50937-1, and FAPESP proc. 15/24485-9. Dr. Navaridas is supported by EuroEXA, funded by the European Union’s Horizon 2020 programme under Grant Agreement 754337. Part of this paper was written while T. B. Paiva was attending the Escuela de Ciencias Informáticas 2018 supported by a travel grant given by the Computer Science Department of Universidad de Buenos Aires.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Paiva, T.B., Navaridas, J., Terada, R. (2019). Robust Covert Channels Based on DRAM Power Consumption. In: Lin, Z., Papamanthou, C., Polychronakis, M. (eds) Information Security. ISC 2019. Lecture Notes in Computer Science(), vol 11723. Springer, Cham. https://doi.org/10.1007/978-3-030-30215-3_16
Download citation
DOI: https://doi.org/10.1007/978-3-030-30215-3_16
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-30214-6
Online ISBN: 978-3-030-30215-3
eBook Packages: Computer ScienceComputer Science (R0)