Skip to main content
Log in

Trilochan: a solution to detect cross-VM direct timing attack

  • Original Research
  • Published:
Journal of Ambient Intelligence and Humanized Computing Aims and scope Submit manuscript

Abstract

Traditionally, a single machine hosts multiple services for the effective utilization of available resources. Such resource sharing among the co-hosted services opens the scope of Side Channel Attack (SCA) from one process to another. One such attack is the Branch Prediction Analysis (BPA) attack to extract the decryption key of a secured communication going on a shared resource. Virtual Machines (VMs) have become a defacto standard for hosting such multiple services on a single machine. VM provides a dedicated operating system and environment for each service. With reference to different types of BPA attack in a virtualization environment, this paper proposes a behavioral monitoring based novel approach, Trilochan, to detect Cross-VM Direct Timing Attack (DTA), a type of BPA attack. The solution is found very useful with negligible performance overheads.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15
Fig. 16
Fig. 17
Fig. 18
Fig. 19
Fig. 20

Similar content being viewed by others

Explore related subjects

Discover the latest articles, news and stories from top researchers in related subjects.

Availability of data and material

Not applicable.

Code availability

Not applicable.

References

  • Aciçmez O, Gueron S, Seifert J-P (2007) New branch prediction vulnerabilities in OpenSSL and necessary software countermeasures. In: Galbraith SD (ed) Cryptography and coding. Springer, Berlin Heidelberg, pp 185–203

    Chapter  Google Scholar 

  • Aciiçmez O, Koç ÇK, Seifert J-P (2007) On the power of simple branch prediction analysis. In: Proceedings of the 2nd ACM symposium on information, computer and communications security, pp 312–320. https://doi.org/10.1145/1229285.1266999

  • Acundefinediçmez O, Koç ÇK, Seifert J-P (2007) Predicting secret keys via branch prediction. In: Proceedings of the 7th cryptographers’ track at the RSA conference on topics in cryptology, pp 225–242. https://doi.org/10.1007/11967668_15

  • Agosta G, Breveglieri L, Pelosi G, Koren I (2007) Countermeasures against branch target buffer attacks. In: Workshop on fault diagnosis and tolerance in cryptography (FDTC 2007), pp 75–79. https://doi.org/10.1109/FDTC.2007.10

  • Bhattacharya S, Mukhopadhyay D (2014) Fault attack revealing secret keys of exponentiation algorithms from branch prediction misses. IACR Cryptology EPrint Archive, 2014, p 790. http://eprint.iacr.org/2014/790

  • Bhattacharya S, Mukhopadhyay D (2015). Who watches the watchmen? : utilizing performance monitors for compromising keys of RSA on Intel platforms. IACR Cryptology EPrint Archive, 2015, p 621. http://eprint.iacr.org/2015/621

  • Bhattacharya S, Mukhopadhyay D (2017) Formal fault analysis of branch predictors: attacking countermeasures of asymmetric key ciphers. J Cryptogr Eng 7(4):299–310. https://doi.org/10.1007/s13389-017-0165-6

    Article  Google Scholar 

  • Bhattacharya S, Bhasin S, Mukhopadhyay D (2018) Online detection and reactive countermeasure for leakage from BPU using TVLA. In: 2018 31st International conference on VLSI design and 2018 17th international conference on embedded systems (VLSID), pp 155–160. https://doi.org/10.1109/VLSID.2018.54

  • Buch DH, Bhatt HS (2019) Cross-VM branch prediction analysis attack: scope assessment and simulation. Int J Recent Technol Eng 8(2). https://doi.org/10.35940/ijrte.B3553.078219

  • Buch DH, Bhatt HS (2020) Trinetra: a solution to handle cross-VM time-driven attack. SN Appl Sci 2(4):1–12. https://doi.org/10.1007/s42452-020-2297-z

    Article  Google Scholar 

  • Chordiya AR, Majumder S, Javaid AY (2018) Man-in-the-middle (MITM) attack based hijacking of HTTP traffic using open source tools. IEEE Int Conf Electro/Inf Technol (EIT) 2018:438–443. https://doi.org/10.1109/EIT.2018.8500144

    Article  Google Scholar 

  • Chouhan M, Hasbullah H (2016) Adaptive detection technique for cache-based side channel attack using bloom filter for secure cloud. In: 2016 3rd international conference on computer and information sciences, ICCOINS 2016—proceedings, pp 293–297. https://doi.org/10.1109/ICCOINS.2016.7783230

  • de Melo AC (2010) The new linux ‘perf’ tools. In slides from Linux Kongress. http://www.linux-kongress.org/2010/slides/lk2010-perf-acme.pdf

  • Gu H, Chen M, Wang Y, Xie F (2020) Spectre check: an approach to detecting speculative execution side channels in data cache. In: 2020 IEEE international conference on embedded software and systems (ICESS), pp 1–8. https://doi.org/10.1109/ICESS49830.2020.9301601

  • Hussein O, Hamza N, Hefny H (2015) A proposed covert channel based on memory reclamation. In: 2015 IEEE seventh international conference on intelligent computing and information systems (ICICIS), pp 343–347. https://doi.org/10.1109/IntelCIS.2015.7397244

  • Joye Marcand Yen S-M (2003) The montgomery powering ladder. In: Çetin K, KaliskiBurton PC (eds) Cryptographic hardware and embedded systems-CHES 2002. Springer, Berlin, Heidelberg, pp 291–302

    Chapter  Google Scholar 

  • Kocher P, Horn J, Fogh A, Genkin D, Gruss D, Haas W, Hamburg M, Lipp M, Mangard S, Prescher T, Schwarz M, Yarom Y (2020) Spectre attacks: exploiting speculative execution. Commun ACM 63(7):93–101. https://doi.org/10.1145/3399742

    Article  Google Scholar 

  • Kulah Y, Dincer B, Yilmaz C, Savas E (2019) SpyDetector: an approach for detecting side-channel attacks at runtime. Int J Inf Secur 18(4):393–422. https://doi.org/10.1007/s10207-018-0411-7

    Article  Google Scholar 

  • Li P, Zhao L, Hou R, Zhang L, Meng D (2019) Conditional speculation: an effective approach to safeguard out-of-order execution against spectre attacks. In: 2019 IEEE international symposium on high performance computer architecture (HPCA), pp 264–276. https://doi.org/10.1109/HPCA.2019.00043

  • Liu F, Ren L, Bai H (2014) Mitigating cross-VM side channel attack on multiple tenants cloud platform. J Comput 9(4):1005–1013. https://doi.org/10.4304/jcp.9.4.1005-1013

    Article  Google Scholar 

  • Liu F, Ge Q, Yarom Y, Mckeen F, Rozas C, Heiser G, Lee RB (2016) CATalyst: defeating last-level cache side channel attacks in cloud computing. In: 2016 IEEE international symposium on high performance computer architecture (HPCA), pp 406–418. https://doi.org/10.1109/HPCA.2016.7446082

  • Sebot J, Gueron S (2014) Mitigating branch prediction and other timing based side channel attacks (Patent No. US8869294B2). https://patents.google.com/patent/US8869294B2/en

  • Sevak B (2012) Security against side channel attack in cloud computing. Int J Eng Adv Technol 2(2):183–186

    Google Scholar 

  • Tan Y, Wei J, Guo W (2014) The micro-architectural support countermeasures against the branch prediction analysis attack. In: 2014 IEEE 13th international conference on trust, security and privacy in computing and communications, pp 276–283. https://doi.org/10.1109/TrustCom.2014.38

  • Thakkar A, Lohiya R (2021) Attack classification using feature selection techniques: a comparative study. J Ambient Intell Humaniz Comput 12(1):1249–1266. https://doi.org/10.1007/s12652-020-02167-9

    Article  Google Scholar 

  • Wang Z, Yang R, Fu X, Du X, Luo B (2016) A shared memory based cross-VM side channel attacks in IaaS cloud. In: Proceedings—IEEE INFOCOM, 2016 September, pp 181–186. https://doi.org/10.1109/INFCOMW.2016.7562068

  • Wang G, Chattopadhyay S, Gotovchits I, Mitra T, Roychoudhury A (2019) oo7: low-overhead defense against spectre attacks via program analysis. IEEE Trans Software Eng. https://doi.org/10.1109/TSE.2019.2953709

    Article  Google Scholar 

  • Xu Y, Bailey M, Jahanian F, Joshi K, Hiltunen M, Schlichting R (2011) An exploration of L2 cache covert channels in virtualized environments. In: Proceedings of the 3rd ACM workshop on cloud computing security workshop, pp 29–40. https://doi.org/10.1145/2046660.2046670

  • Younis YA, Kifayat K, Shi Q, Askwith B (2015) A new prime and probe cache side-channel attack for cloud computing. In: Proceedings—15th IEEE international conference on computer and information technology, CIT 2015, 14th IEEE international conference on ubiquitous computing and communications, IUCC 2015, 13th IEEE international conference on dependable, autonomic and Se, pp 1718–1724. https://doi.org/10.1109/CIT/IUCC/DASC/PICOM.2015.259

  • Zhang Y, Makris Y (2020) Hardware-based detection of spectre attacks: a machine learning approach. In: 2020 Asian hardware oriented security and trust symposium (AsianHOST), pp 1–6. https://doi.org/10.1109/AsianHOST51057.2020.9358255

  • Zhang Y, Juels A, Reiter MK, Ristenpart T (2012) Cross-VM side channels and their use to extract private keys. In: Proceedings of the 2012 ACM conference on computer and communications security, pp 305–316. https://doi.org/10.1145/2382196.2382230

Download references

Funding

This research received no specific grant from any funding agency in the public, commercial, or not-for-profit sectors.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Dhara H. Buch.

Ethics declarations

Conflict of interest

On behalf of all authors, the corresponding author states that there is no conflict of interest.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Buch, D.H., Bhatt, H.S. Trilochan: a solution to detect cross-VM direct timing attack. J Ambient Intell Human Comput 14, 8745–8763 (2023). https://doi.org/10.1007/s12652-021-03628-5

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s12652-021-03628-5

Keywords

Navigation