Abstract
Traditionally, a single machine hosts multiple services for the effective utilization of available resources. Such resource sharing among the co-hosted services opens the scope of Side Channel Attack (SCA) from one process to another. One such attack is the Branch Prediction Analysis (BPA) attack to extract the decryption key of a secured communication going on a shared resource. Virtual Machines (VMs) have become a defacto standard for hosting such multiple services on a single machine. VM provides a dedicated operating system and environment for each service. With reference to different types of BPA attack in a virtualization environment, this paper proposes a behavioral monitoring based novel approach, Trilochan, to detect Cross-VM Direct Timing Attack (DTA), a type of BPA attack. The solution is found very useful with negligible performance overheads.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.Availability of data and material
Not applicable.
Code availability
Not applicable.
References
Aciçmez O, Gueron S, Seifert J-P (2007) New branch prediction vulnerabilities in OpenSSL and necessary software countermeasures. In: Galbraith SD (ed) Cryptography and coding. Springer, Berlin Heidelberg, pp 185–203
Aciiçmez O, Koç ÇK, Seifert J-P (2007) On the power of simple branch prediction analysis. In: Proceedings of the 2nd ACM symposium on information, computer and communications security, pp 312–320. https://doi.org/10.1145/1229285.1266999
Acundefinediçmez O, Koç ÇK, Seifert J-P (2007) Predicting secret keys via branch prediction. In: Proceedings of the 7th cryptographers’ track at the RSA conference on topics in cryptology, pp 225–242. https://doi.org/10.1007/11967668_15
Agosta G, Breveglieri L, Pelosi G, Koren I (2007) Countermeasures against branch target buffer attacks. In: Workshop on fault diagnosis and tolerance in cryptography (FDTC 2007), pp 75–79. https://doi.org/10.1109/FDTC.2007.10
Bhattacharya S, Mukhopadhyay D (2014) Fault attack revealing secret keys of exponentiation algorithms from branch prediction misses. IACR Cryptology EPrint Archive, 2014, p 790. http://eprint.iacr.org/2014/790
Bhattacharya S, Mukhopadhyay D (2015). Who watches the watchmen? : utilizing performance monitors for compromising keys of RSA on Intel platforms. IACR Cryptology EPrint Archive, 2015, p 621. http://eprint.iacr.org/2015/621
Bhattacharya S, Mukhopadhyay D (2017) Formal fault analysis of branch predictors: attacking countermeasures of asymmetric key ciphers. J Cryptogr Eng 7(4):299–310. https://doi.org/10.1007/s13389-017-0165-6
Bhattacharya S, Bhasin S, Mukhopadhyay D (2018) Online detection and reactive countermeasure for leakage from BPU using TVLA. In: 2018 31st International conference on VLSI design and 2018 17th international conference on embedded systems (VLSID), pp 155–160. https://doi.org/10.1109/VLSID.2018.54
Buch DH, Bhatt HS (2019) Cross-VM branch prediction analysis attack: scope assessment and simulation. Int J Recent Technol Eng 8(2). https://doi.org/10.35940/ijrte.B3553.078219
Buch DH, Bhatt HS (2020) Trinetra: a solution to handle cross-VM time-driven attack. SN Appl Sci 2(4):1–12. https://doi.org/10.1007/s42452-020-2297-z
Chordiya AR, Majumder S, Javaid AY (2018) Man-in-the-middle (MITM) attack based hijacking of HTTP traffic using open source tools. IEEE Int Conf Electro/Inf Technol (EIT) 2018:438–443. https://doi.org/10.1109/EIT.2018.8500144
Chouhan M, Hasbullah H (2016) Adaptive detection technique for cache-based side channel attack using bloom filter for secure cloud. In: 2016 3rd international conference on computer and information sciences, ICCOINS 2016—proceedings, pp 293–297. https://doi.org/10.1109/ICCOINS.2016.7783230
de Melo AC (2010) The new linux ‘perf’ tools. In slides from Linux Kongress. http://www.linux-kongress.org/2010/slides/lk2010-perf-acme.pdf
Gu H, Chen M, Wang Y, Xie F (2020) Spectre check: an approach to detecting speculative execution side channels in data cache. In: 2020 IEEE international conference on embedded software and systems (ICESS), pp 1–8. https://doi.org/10.1109/ICESS49830.2020.9301601
Hussein O, Hamza N, Hefny H (2015) A proposed covert channel based on memory reclamation. In: 2015 IEEE seventh international conference on intelligent computing and information systems (ICICIS), pp 343–347. https://doi.org/10.1109/IntelCIS.2015.7397244
Joye Marcand Yen S-M (2003) The montgomery powering ladder. In: Çetin K, KaliskiBurton PC (eds) Cryptographic hardware and embedded systems-CHES 2002. Springer, Berlin, Heidelberg, pp 291–302
Kocher P, Horn J, Fogh A, Genkin D, Gruss D, Haas W, Hamburg M, Lipp M, Mangard S, Prescher T, Schwarz M, Yarom Y (2020) Spectre attacks: exploiting speculative execution. Commun ACM 63(7):93–101. https://doi.org/10.1145/3399742
Kulah Y, Dincer B, Yilmaz C, Savas E (2019) SpyDetector: an approach for detecting side-channel attacks at runtime. Int J Inf Secur 18(4):393–422. https://doi.org/10.1007/s10207-018-0411-7
Li P, Zhao L, Hou R, Zhang L, Meng D (2019) Conditional speculation: an effective approach to safeguard out-of-order execution against spectre attacks. In: 2019 IEEE international symposium on high performance computer architecture (HPCA), pp 264–276. https://doi.org/10.1109/HPCA.2019.00043
Liu F, Ren L, Bai H (2014) Mitigating cross-VM side channel attack on multiple tenants cloud platform. J Comput 9(4):1005–1013. https://doi.org/10.4304/jcp.9.4.1005-1013
Liu F, Ge Q, Yarom Y, Mckeen F, Rozas C, Heiser G, Lee RB (2016) CATalyst: defeating last-level cache side channel attacks in cloud computing. In: 2016 IEEE international symposium on high performance computer architecture (HPCA), pp 406–418. https://doi.org/10.1109/HPCA.2016.7446082
Sebot J, Gueron S (2014) Mitigating branch prediction and other timing based side channel attacks (Patent No. US8869294B2). https://patents.google.com/patent/US8869294B2/en
Sevak B (2012) Security against side channel attack in cloud computing. Int J Eng Adv Technol 2(2):183–186
Tan Y, Wei J, Guo W (2014) The micro-architectural support countermeasures against the branch prediction analysis attack. In: 2014 IEEE 13th international conference on trust, security and privacy in computing and communications, pp 276–283. https://doi.org/10.1109/TrustCom.2014.38
Thakkar A, Lohiya R (2021) Attack classification using feature selection techniques: a comparative study. J Ambient Intell Humaniz Comput 12(1):1249–1266. https://doi.org/10.1007/s12652-020-02167-9
Wang Z, Yang R, Fu X, Du X, Luo B (2016) A shared memory based cross-VM side channel attacks in IaaS cloud. In: Proceedings—IEEE INFOCOM, 2016 September, pp 181–186. https://doi.org/10.1109/INFCOMW.2016.7562068
Wang G, Chattopadhyay S, Gotovchits I, Mitra T, Roychoudhury A (2019) oo7: low-overhead defense against spectre attacks via program analysis. IEEE Trans Software Eng. https://doi.org/10.1109/TSE.2019.2953709
Xu Y, Bailey M, Jahanian F, Joshi K, Hiltunen M, Schlichting R (2011) An exploration of L2 cache covert channels in virtualized environments. In: Proceedings of the 3rd ACM workshop on cloud computing security workshop, pp 29–40. https://doi.org/10.1145/2046660.2046670
Younis YA, Kifayat K, Shi Q, Askwith B (2015) A new prime and probe cache side-channel attack for cloud computing. In: Proceedings—15th IEEE international conference on computer and information technology, CIT 2015, 14th IEEE international conference on ubiquitous computing and communications, IUCC 2015, 13th IEEE international conference on dependable, autonomic and Se, pp 1718–1724. https://doi.org/10.1109/CIT/IUCC/DASC/PICOM.2015.259
Zhang Y, Makris Y (2020) Hardware-based detection of spectre attacks: a machine learning approach. In: 2020 Asian hardware oriented security and trust symposium (AsianHOST), pp 1–6. https://doi.org/10.1109/AsianHOST51057.2020.9358255
Zhang Y, Juels A, Reiter MK, Ristenpart T (2012) Cross-VM side channels and their use to extract private keys. In: Proceedings of the 2012 ACM conference on computer and communications security, pp 305–316. https://doi.org/10.1145/2382196.2382230
Funding
This research received no specific grant from any funding agency in the public, commercial, or not-for-profit sectors.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
On behalf of all authors, the corresponding author states that there is no conflict of interest.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Buch, D.H., Bhatt, H.S. Trilochan: a solution to detect cross-VM direct timing attack. J Ambient Intell Human Comput 14, 8745–8763 (2023). https://doi.org/10.1007/s12652-021-03628-5
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12652-021-03628-5