skip to main content
10.1145/3274694.3274715acmotherconferencesArticle/Chapter ViewAbstractPublication PagesacsacConference Proceedingsconference-collections
research-article

Analyzing Cache Side Channels Using Deep Neural Networks

Published: 03 December 2018 Publication History

Abstract

Cache side-channel attacks aim to breach the confidentiality of a computer system and extract sensitive secrets through CPU caches. In the past years, different types of side-channel attacks targeting a variety of cache architectures have been demonstrated. Meanwhile, different defense methods and systems have also been designed to mitigate these attacks. However, quantitatively evaluating the effectiveness of these attacks and defenses has been challenging. We propose a generic approach to evaluating cache side-channel attacks and defenses. Specifically, our method builds a deep neural network with its inputs as the adversary's observed information, and its outputs as the victim's execution traces. By training the neural network, the relationship between the inputs and outputs can be automatically discovered. As a result, the prediction accuracy of the neural network can serve as a metric to quantify how much information the adversary can obtain correctly, and how effective a defense solution is in reducing the information leakage under different attack scenarios. Our evaluation suggests that the proposed method can effectively evaluate different attacks and defenses.

References

[1]
{n. d.}. Kernel Samepage Merging. http://www.linux-kvm.org/page/KSM.
[2]
Onur Aciiçmez, Billy Bob Brumley, and Philipp Grabher. 2010. New Results on Instruction Cache Attacks. In Intl. Conf. on Cryptographic Hardware and Embedded Systems.
[3]
J. Bacelar Almeida, Manuel Barbosa, Jorge S. Pinto, and Bárbara Vieira. 2013. Formal verification of side-channel countermeasures using self-composition. Sci. Comput. Program. (2013).
[4]
Daniel J. Bernstein. 2005. Cache-timing attacks on AES. Technical Report.
[5]
Sarani Bhattacharya, Chester Rebeiro, and Debdeep Mukhopadhyay. 2012. Hardware Prefetchers Leak: A Revisit of SVF for Cache-Timing Attacks. In Hardware and Architectural Support for Security and Privacy.
[6]
Joseph Bonneau and Ilya Mironov. 2006. Cache-Collision Timing Attacks against AES. In Lecture Notes in Computer Science series 4249. Springer.
[7]
Billy Bob Brumley and Risto M. Hakala. 2009. Cache-Timing Template Attacks. In Intl. Conf. on the Theory and Application of Cryptology and Information Security: Advances in Cryptology.
[8]
Pablo Cañones, Boris Köpf, and Jan Reineke. 2017. Security analysis of cache replacement policies. In International Conference on Principles of Security and Trust.
[9]
Tianqi Chen, Mu Li, Yutian Li, Min Lin, Naiyan Wang, Minjie Wang, Tianjun Xiao, Bing Xu, Chiyuan Zhang, and Zheng Zhang. 2015. MXNet: A Flexible and Efficient Machine Learning Library for Heterogeneous Distributed Systems. CoRR abs/1512.01274 (2015). arXiv:1512.01274 http://arxiv.org/abs/1512.01274
[10]
John Demme, Robert Martin, Adam Waksman, and Simha Sethumadhavan. 2012. Side-channel Vulnerability Factor: a Metric for Measuring Information Leakage. In ACM/IEEE Intl. Symp. on Computer Architecture.
[11]
Craig Disselkoen, David Kohlbrenner, Leo Porter, and Dean Tullsen. 2017. Prime+Abort: A Timer-Free High-Precision L3 Cache Attack using Intel TSX. In USENIX Security Symposium.
[12]
Leonid Domnitser, Nael Abu-Ghazaleh, and Dmitry Ponomarev. 2010. A Predictive Model for Cache-based Side Channels in Multicore and Multithreaded Microprocessors. In Intl. Conference on Mathematical Methods, Models and Architectures for Computer Network Security.
[13]
Leonid Domnitser, Aamer Jaleel, Jason Loew, Nael Abu-Ghazaleh, and Dmitry Ponomarev. 2012. Non-monopolizable Caches: Low-complexity Mitigation of Cache Side Channel Attacks. ACM Transactions on Architecture and Code Optimization (2012).
[14]
Andrew Ferraiuolo, Rui Xu, Danfeng Zhang, Andrew C Myers, and G Edward Suh. 2017. Verification of a practical hardware security architecture through static information flow analysis. In Intl. Conf. on Architectural Support for Programming Languages and Operating Systems.
[15]
Daniel Genkin, Adi Shamir, and Eran Tromer. 2014. RSA key extraction via low-bandwidth acoustic cryptanalysis. In International Cryptology Conference. Springer, 444--461.
[16]
Ian Goodfellow, Yoshua Bengio, Aaron Courville, and Yoshua Bengio. 2016. Deep learning. Vol. 1. MIT press Cambridge.
[17]
Daniel Gruss, Clémentine Maurice, Klaus Wagner, and Stefan Mangard. 2016. Flush+Flush: A Fast and Stealthy Cache Attack. In Conference on Detection of Intrusions and Malware and Vulnerability Assessment.
[18]
Daniel Gruss, Raphael Spreitzer, and Stefan Mangard. 2015. Cache Template Attacks: Automating Attacks on Inclusive Last-level Caches. In USENIX Security Symposium.
[19]
David Gullasch, Endre Bangerter, and Stephan Krenn. 2011. Cache Games --- Bringing Access-Based Cache Attacks on AES to Practice. In IEEE Symposium on Security and Privacy.
[20]
Zecheng He and Ruby B Lee. 2017. How secure is your cache against side-channel attacks?. In IEEE/ACM International Symposium on Microarchitecture.
[21]
Gorka Irazoqui, Thomas Eisenbarth, and Berk Sunar. 2015. S$A: A Shared Cache Attack That Works across Cores and Defies VM Sandboxing --- and Its Application to AES. In IEEE Symposium on Security and Privacy.
[22]
Taesoo Kim, Marcus Peinado, and Gloria Mainar-Ruiz. 2012. STEALTHMEM: System-level Protection Against Cache-based Side Channel Attacks in the Cloud. In USENIX Security Symposium.
[23]
Paul Kocher, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, and Yuval Yarom. 2018. Spectre Attacks: Exploiting Speculative Execution. arXiv preprint arXiv:1801.01203 (2018).
[24]
Paul Kocher, Joshua Jaffe, and Benjamin Jun. 1999. Differential Power Analysis. In Advances in cryptology-CRYPTO 99. Springer, 789--789.
[25]
Boris Köpf and David Basin. 2007. An information-theoretic model for adaptive side-channel attacks. In ACM Conf. on Computer and Comms. Security.
[26]
Boris Köpf, Laurent Mauborgne, and Martín Ochoa. 2012. Automatic quantification of cache side-channels. In Intl. Conference on Computer Aided Verification.
[27]
Yann Le Cun, LD Jackel, B Boser, JS Denker, HP Graf, I Guyon, D Henderson, RE Howard, and W Hubbard. 1989. Handwritten Digit Recognition: Applications of Neural Network Chips and Automatic Learning. IEEE Communications Magazine 27, 11 (1989), 41--46.
[28]
Peng Li, Debin Gao, and Michael K. Reiter. 2014. StopWatch: A Cloud Architecture for Timing Channel Mitigation. ACM Transactions on Information and System Security (2014).
[29]
Moritz Lipp, Daniel Gruss, Raphael Spreitzer, Clémentine Maurice, and Stefan Mangard. 2016. ARMageddon: Cache Attacks on Mobile Devices. In USENIX Security Symposium.
[30]
Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, and Mike Hamburg. 2018. Meltdown. arXiv preprint arXiv:1801.01207 (2018).
[31]
Fangfei Liu, Qian Ge, Yuval Yarom, Frank Mckeen, Carlos Rozas, Gernot Heiser, and Ruby B. Lee. 2016. CATalyst: Defeating Last-Level Cache Side Channel Attacks in Cloud Computing. In IEEE International Symposium on High Performance Computer Architecture.
[32]
Fangfei Liu and Ruby B. Lee. 2014. Random Fill Cache Architecture. In IEEE/ACM International Symposium on Microarchitecture.
[33]
Fangfei Liu, Hao Wu, Ken Mai, and Ruby B. Lee. 2016. Newcache: Secure Cache Architecture Thwarting Cache Side-Channel Attacks. IEEE Micro 36, 5 (2016).
[34]
Fangfei Liu, Yuval Yarom, Qian Ge, Gernot Heiser, and Ruby B. Lee. 2015. Last-Level Cache Side-Channel Attacks are Practical. In IEEE Symposium on Security and Privacy.
[35]
Yossef Oren, Vasileios P Kemerlis, Simha Sethumadhavan, and Angelos D Keromytis. 2015. The spy in the sandbox: Practical cache attacks in javascript and their implications. In ACM Conference on Computer and Communications Security.
[36]
Dag Arne Osvik, Adi Shamir, and Eran Tromer. 2006. Cache Attacks and Countermeasures: the Case of AES. In RSA Conference on Topics in Cryptology. 1--20.
[37]
Colin Percival. 2005. Cache Missing for Fun and Profit. In BSDCan.
[38]
P.A. Porras and R.A. Kemmerer. 1991. Covert flow trees: a technique for identifying and analyzing covert storage channels. In IEEE Computer Society Symp. on Research in Security and Privacy.
[39]
Jean-Jacques Quisquater and David Samyde. 2001. Electromagnetic Analysis (ema): Measures and Counter-measures for Smart Cards. Smart Card Programming and Security (2001), 200--210.
[40]
C. Rebeiro and D. Mukhopadhyay. 2012. Boosting Profiled Cache Timing Attacks With A Priori Analysis. IEEE Trans. on Information Forensics and Security (2012).
[41]
Herbert Robbins and Sutton Monro. 1951. A stochastic approximation method. The annals of mathematical statistics (1951), 400--407.
[42]
Frank Rosenblatt. 1958. The Perceptron: A Probabilistic Model for Information Storage and Organization in the Brain. Psychological review 65, 6 (1958), 386.
[43]
David E Rumelhart, Geoffrey E Hinton, and Ronald J Williams. 1986. Learning Representations by Back-propagating Errors. nature 323, 6088 (1986), 533.
[44]
Jicheng Shi, Xiang Song, Haibo Chen, and Binyu Zang. 2011. Limiting Cache-based Side-channel in Multi-tenant Cloud using Dynamic Page Coloring. In IEEE/IFIP International Conference on Dependable Systems and Networks Workshops.
[45]
François-Xavier Standaert, Tal G. Malkin, and Moti Yung. 2009. A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks. In Annual Intl. Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques.
[46]
Josef Svenningsson and David Sands. 2010. Specification and verification of side channel declassification. In Intl. Conf. on Formal Aspects in Security and Trust.
[47]
Kris Tiri, Onur Acıiçmez, Michael Neve, and Flemming Andersen. 2007. An analytical model for time-driven cache attacks. In International Workshop on Fast Software Encryption.
[48]
Bhanu C. Vattikonda, Sambit Das, and Hovav Shacham. 2011. Eliminating Fine Grained Timers in Xen. In ACM Workshop on Cloud Computing Security.
[49]
Zhenghong Wang and Ruby.B. Lee. 2008. A Novel Cache Architecture with Enhanced Performance and Security. In IEEE/ACM International Symposium on Microarchitecture.
[50]
Zhenghong Wang and Ruby B. Lee. 2006. Covert and Side Channels Due to Processor Architecture. In Annual Computer Security Applications Conference.
[51]
Zhenghong Wang and Ruby B. Lee. 2007. New Cache Designs for Thwarting Software Cache-based Side Channel Attacks. In ACM International Symposium on Computer Architecture.
[52]
Yuval Yarom and Katrina Falkner. 2014. FLUSH+RELOAD: A High Resolution, Low Noise, L3 Cache Side-channel Attack. In USENIX Security Symposium.
[53]
Danfeng Zhang, Yao Wang, G. Edward Suh, and Andrew C. Myers. 2015. A Hardware Design Language for Timing-Sensitive Information-Flow Security. In Intl. Conf. on Architectural Support for Programming Languages and Operating Systems.
[54]
Tianwei Zhang, Si Chen, Fangfei Liu, and Ruby B. Lee. 2013. Side Channel Vulnerability Metrics: the Promise and the Pitfalls. In Hardware and Architectural Support for Security and Privacy.
[55]
Tianwei Zhang and Ruby B. Lee. 2014. New Models of Cache Architectures Characterizing Information Leakage from Cache Side Channels. In Annual Computer Security Applications Conference.
[56]
Xiaokuan Zhang, Yuan Xiao, and Yinqian Zhang. 2016. Return-Oriented Flush-Reload Side Channels on ARM and Their Implications for Android Devices. In ACM Conference on Computer and Communications Security.
[57]
Yinqian Zhang, Ari Juels, Michael K. Reiter, and Thomas Ristenpart. 2012. Cross-VM Side Channels and Their Use to Extract Private Keys. In ACM Conference on Computer and Communications Security.
[58]
Yinqian Zhang, Ari Juels, Michael K. Reiter, and Thomas Ristenpart. 2014. Cross-Tenant Side-Channel Attacks in PaaS Clouds. In ACM Conference on Computer and Communications Security.
[59]
Yinqian Zhang and Michael K. Reiter. 2013. DüPpel: Retrofitting Commodity Operating Systems to Mitigate Cache Side Channels in the Cloud. In ACM Conference on Computer and Communications Security.
[60]
Ziqiao Zhou, Michael K Reiter, and Yinqian Zhang. 2016. A Software Approach to Defeating Side Channels in Last-level Caches. In ACM Conference on Computer and Communications Security.

Cited By

View all
  • (2024)FriendlyFoe: Adversarial Machine Learning as a Practical Architectural Defense against Side Channel AttacksProceedings of the 2024 International Conference on Parallel Architectures and Compilation Techniques10.1145/3656019.3676952(338-350)Online publication date: 14-Oct-2024
  • (2024)Deep Learning-Based Detection for Multiple Cache Side-Channel AttacksIEEE Transactions on Information Forensics and Security10.1109/TIFS.2023.334008819(1672-1686)Online publication date: 2024
  • (2024)Protecting Confidential Virtual Machines from Hardware Performance Counter Side Channels2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)10.1109/DSN58291.2024.00031(195-208)Online publication date: 24-Jun-2024
  • Show More Cited By
  1. Analyzing Cache Side Channels Using Deep Neural Networks

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Other conferences
    ACSAC '18: Proceedings of the 34th Annual Computer Security Applications Conference
    December 2018
    766 pages
    ISBN:9781450365697
    DOI:10.1145/3274694
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

    In-Cooperation

    • ACSA: Applied Computing Security Assoc

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 03 December 2018

    Permissions

    Request permissions for this article.

    Check for updates

    Qualifiers

    • Research-article
    • Research
    • Refereed limited

    Conference

    ACSAC '18

    Acceptance Rates

    Overall Acceptance Rate 104 of 497 submissions, 21%

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • Downloads (Last 12 months)26
    • Downloads (Last 6 weeks)0
    Reflects downloads up to 19 Feb 2025

    Other Metrics

    Citations

    Cited By

    View all
    • (2024)FriendlyFoe: Adversarial Machine Learning as a Practical Architectural Defense against Side Channel AttacksProceedings of the 2024 International Conference on Parallel Architectures and Compilation Techniques10.1145/3656019.3676952(338-350)Online publication date: 14-Oct-2024
    • (2024)Deep Learning-Based Detection for Multiple Cache Side-Channel AttacksIEEE Transactions on Information Forensics and Security10.1109/TIFS.2023.334008819(1672-1686)Online publication date: 2024
    • (2024)Protecting Confidential Virtual Machines from Hardware Performance Counter Side Channels2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)10.1109/DSN58291.2024.00031(195-208)Online publication date: 24-Jun-2024
    • (2023)Metior: A Comprehensive Model to Evaluate Obfuscating Side-Channel Defense SchemesProceedings of the 50th Annual International Symposium on Computer Architecture10.1145/3579371.3589073(1-16)Online publication date: 17-Jun-2023
    • (2023)Preserving Privacy of Neuromorphic Hardware From PCIe Congestion Side-Channel Attack2023 IEEE 47th Annual Computers, Software, and Applications Conference (COMPSAC)10.1109/COMPSAC57700.2023.00094(689-698)Online publication date: Jun-2023
    • (2022)A Cross-Platform Cache Timing Attack Framework via Deep Learning2022 Design, Automation & Test in Europe Conference & Exhibition (DATE)10.23919/DATE54114.2022.9774612(676-681)Online publication date: 14-Mar-2022
    • (2021)Cyber Security Aspects of Virtualization in Cloud Computing EnvironmentsResearch Anthology on Privatizing and Securing Data10.4018/978-1-7998-8954-0.ch080(1658-1671)Online publication date: 2021
    • (2020)Cyber Security Aspects of Virtualization in Cloud Computing EnvironmentsQuantum Cryptography and the Future of Cyber Security10.4018/978-1-7998-2253-0.ch013(283-299)Online publication date: 2020
    • (2020)Multiple-Input, Multilayer-Perception-Based Classification of Traces From Side-Channel AttacksComputer10.1109/MC.2020.299664753:8(40-48)Online publication date: 30-Jul-2020
    • (2019)Page Cache AttacksProceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security10.1145/3319535.3339809(167-180)Online publication date: 6-Nov-2019
    • Show More Cited By

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Figures

    Tables

    Media

    Share

    Share

    Share this Publication link

    Share on social media