research-article

First Time Miss : Low Overhead Mitigation for Shared Memory Cache Side Channels

Authors:

Kartik Ramkrishnan,

Stephen McCamant,

Antonia ZhaiAuthors Info & Claims

ICPP '20: Proceedings of the 49th International Conference on Parallel Processing

Article No.: 36, Pages 1 - 11

https://doi.org/10.1145/3404397.3404434

Published: 17 August 2020 Publication History

Abstract

Cache hit or miss is an important source of information leakage in cache side channel attacks. An attacker observes a much faster cache access time if the cache line has previously been filled in by the victim, and a much slower memory access time if the victim has not accessed this cache line, thus revealing to the attacker whether the victim has accessed the cache line or not.

For machines with private caches, this leakage can be mitigated by scheduling the victim and potential attackers on different cores, or flushing the private caches after a use. However, the latter is less practical for the large last-level cache. In this work, we propose a novel yet simple mitigation approach for cross-core attacks, called FTM (first time miss) approach. In this approach, in order to hide a cache hit to a shared cache, we make it to behave like a miss when it is accessed the first time by a thread. It is simulated by buffering the cache line for a time similar to the memory access time (i.e. like a miss penalty), and then sending it to the private cache. The next access onwards, it is safe to allow cache hits on this cache line because the attacker has already accessed it once, and expects it to be filled anyway. Thus, all of the cache lines appear to be accessed only by the attacker, and the access patterns of the victim can be hidden.

The hardware overhead for the FTM scheme is minimal because it only needs a small per core buffer. Simulation-based evaluation on SPEC and PARSEC benchmarks shows low performance hit (< 0.1%) because of low number of first time misses in most application programs.

References

[1]

Victor Costan, Ilia Lebedev, and Srinivas Devadas. [n.d.]. Sanctum: Minimal Hardware Extensions for Strong Software Isolation. ([n. d.]).

[2]

Daniel Gruss, Raphael Spreitzer, and Stefan Mangard. 2015. Cache template attacks: Automating attacks on inclusive last-level caches. In 24th {USENIX} Security Symposium ({USENIX} Security 15). 897–912.

[3]

Aamer Jaleel, Kevin B Theobald, Simon C Steely Jr, and Joel Emer. 2010. High performance cache replacement using re-reference interval prediction (RRIP). ACM SIGARCH Computer Architecture News 38, 3 (2010), 60–71.

Digital Library

[4]

Vladimir Kiriansky, Ilia Lebedev, Saman Amarasinghe, Srinivas Devadas, and Joel Emer. 2018. DAWG: A defense against cache timing attacks in speculative execution processors. In 2018 51st Annual IEEE/ACM International Symposium on Microarchitecture (MICRO). IEEE, 974–987.

Digital Library

[5]

Chang Liu, Austin Harris, Martin Maas, Michael Hicks, Mohit Tiwari, and Elaine Shi. 2015. Ghostrider: A hardware-software system for memory trace oblivious computation. ACM SIGPLAN Notices 50, 4 (2015), 87–101.

Digital Library

[6]

Fangfei Liu, Qian Ge, Yuval Yarom, Frank Mckeen, Carlos Rozas, Gernot Heiser, and Ruby B Lee. 2016. Catalyst: Defeating last-level cache side channel attacks in cloud computing. In 2016 IEEE international symposium on high performance computer architecture (HPCA). IEEE, 406–418.

[7]

Fangfei Liu, Hao Wu, Kenneth Mai, and Ruby B Lee. 2016. Newcache: Secure cache architecture thwarting cache side-channel attacks. IEEE Micro 36, 5 (2016), 8–16.

Digital Library

[8]

Fangfei Liu, Yuval Yarom, Qian Ge, Gernot Heiser, and Ruby B Lee. 2015. Last-level cache side-channel attacks are practical. In 2015 IEEE symposium on security and privacy. IEEE, 605–622.

Digital Library

[9]

Oracle. 2020 (accessed March 16, 2020). Hard Partitioning. https://docs.oracle.com/cd/E50245_01/E50249/html/vmcon-vm-pinning.html

[10]

Moinuddin K Qureshi. 2018. Ceaser: Mitigating conflict-based cache attacks via encrypted-address and remapping. In 2018 51st Annual IEEE/ACM International Symposium on Microarchitecture (MICRO). IEEE, 775–787.

Digital Library

[11]

Moinuddin K Qureshi. 2019. New attacks and defense for encrypted-address cache. In Proceedings of the 46th International Symposium on Computer Architecture. 360–371.

Digital Library

[12]

Kartik Ramkrishnan, Antonia Zhai, Stephen McCamant, and Pen Chung Yew. 2019. New Attacks and Defenses for Randomized Caches. arxiv:1909.12302 [cs.CR]

[13]

Ashay Rane, Calvin Lin, and Mohit Tiwari. 2015. Raccoon: Closing digital side-channels through obfuscated execution. In 24th {USENIX} Security Symposium ({USENIX} Security 15). 431–446.

[14]

Daniel Sanchez and Christos Kozyrakis. 2011. Vantage: scalable and efficient fine-grain cache partitioning. In Proceedings of the 38th annual international symposium on Computer architecture. 57–68.

Digital Library

[15]

Daniel Sanchez and Christos Kozyrakis. 2013. ZSim: Fast and accurate microarchitectural simulation of thousand-core systems. ACM SIGARCH Computer architecture news 41, 3 (2013), 475–486.

Digital Library

[16]

Emil Stefanov, Marten Van Dijk, Elaine Shi, Christopher Fletcher, Ling Ren, Xiangyao Yu, and Srinivas Devadas. 2013. Path ORAM: an extremely simple oblivious RAM protocol. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security. 299–310.

Digital Library

[17]

Zhenghong Wang and Ruby B Lee. 2007. New cache designs for thwarting software cache-based side channel attacks. In Proceedings of the 34th annual international symposium on Computer architecture. 494–505.

Digital Library

[18]

Mario Werner, Thomas Unterluggauer, Lukas Giner, Michael Schwarz, Daniel Gruss, and Stefan Mangard. 2019. ScatterCache: thwarting cache attacks via cache set randomization. In 28th {USENIX} Security Symposium ({USENIX} Security 19). 675–692.

[19]

Mengjia Yan, Bhargava Gopireddy, Thomas Shull, and Josep Torrellas. 2017. Secure hierarchy-aware cache replacement policy (SHARP): Defending against cache-based side channel attacks. In 2017 ACM/IEEE 44th Annual International Symposium on Computer Architecture (ISCA). IEEE, 347–360.

Digital Library

[20]

Yuval Yarom and Katrina Falkner. 2014. FLUSH+ RELOAD: a high resolution, low noise, L3 cache side-channel attack. In 23rd {USENIX} Security Symposium ({USENIX} Security 14). 719–732.

Cited By

Tang BWu CWang ZJia LYew PCheng YZhang YWang CXu G(2023)SpecBox: A Label-Based Transparent Speculation Scheme Against Transient Execution AttacksIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2022.314428720:1(827-840)Online publication date: 1-Jan-2023
https://doi.org/10.1109/TDSC.2022.3144287
Ojha DDwarkadas S(2023)Preventing Coherence State Side Channel Leaks Using TimeCacheIEEE Transactions on Computers10.1109/TC.2022.320992272:2(374-385)Online publication date: 1-Feb-2023
https://doi.org/10.1109/TC.2022.3209922
Mosquera FKavi KMehta GJohn L(2023)Guard Cache: Creating False Cache Hits and Misses To Mitigate Side-Channel Attacks2023 Silicon Valley Cybersecurity Conference (SVCC)10.1109/SVCC56964.2023.10165527(1-8)Online publication date: 17-May-2023
https://doi.org/10.1109/SVCC56964.2023.10165527
Show More Cited By

Recommendations

Secure Hierarchy-Aware Cache Replacement Policy (SHARP): Defending Against Cache-Based Side Channel Atacks
ISCA'17

In cache-based side channel attacks, a spy that shares a cache with a victim probes cache locations to extract information on the victim's access patterns. For example, in evict+reload, the spy repeatedly evicts and then reloads a probe address, ...
New cache designs for thwarting software cache-based side channel attacks
ISCA '07: Proceedings of the 34th annual international symposium on Computer architecture

Software cache-based side channel attacks are a serious new class of threats for computers. Unlike physical side channel attacks that mostly target embedded cryptographic devices, cache-based side channel attacks can also undermine general purpose ...
Secure Hierarchy-Aware Cache Replacement Policy (SHARP): Defending Against Cache-Based Side Channel Atacks
ISCA '17: Proceedings of the 44th Annual International Symposium on Computer Architecture

In cache-based side channel attacks, a spy that shares a cache with a victim probes cache locations to extract information on the victim's access patterns. For example, in evict+reload, the spy repeatedly evicts and then reloads a probe address, ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

ICPP '20: Proceedings of the 49th International Conference on Parallel Processing

August 2020

844 pages

ISBN:9781450388160

DOI:10.1145/3404397

Copyright © 2020 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 August 2020

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

ICPP '20

ICPP '20: 49th International Conference on Parallel Processing

August 17 - 20, 2020

AB, Edmonton, Canada

Acceptance Rates

Overall Acceptance Rate 91 of 313 submissions, 29%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
188
Total Downloads

Downloads (Last 12 months)41
Downloads (Last 6 weeks)1

Reflects downloads up to 25 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Tang BWu CWang ZJia LYew PCheng YZhang YWang CXu G(2023)SpecBox: A Label-Based Transparent Speculation Scheme Against Transient Execution AttacksIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2022.314428720:1(827-840)Online publication date: 1-Jan-2023
https://doi.org/10.1109/TDSC.2022.3144287
Ojha DDwarkadas S(2023)Preventing Coherence State Side Channel Leaks Using TimeCacheIEEE Transactions on Computers10.1109/TC.2022.320992272:2(374-385)Online publication date: 1-Feb-2023
https://doi.org/10.1109/TC.2022.3209922
Mosquera FKavi KMehta GJohn L(2023)Guard Cache: Creating False Cache Hits and Misses To Mitigate Side-Channel Attacks2023 Silicon Valley Cybersecurity Conference (SVCC)10.1109/SVCC56964.2023.10165527(1-8)Online publication date: 17-May-2023
https://doi.org/10.1109/SVCC56964.2023.10165527
Aimoniotis PKvalsvik ASjalander MKaxiras S(2022)Data-Out Instruction-In (DOIN!): Leveraging Inclusive Caches to Attack Speculative Delay Schemes2022 IEEE International Symposium on Secure and Private Execution Environment Design (SEED)10.1109/SEED55351.2022.00012(49-60)Online publication date: Sep-2022
https://doi.org/10.1109/SEED55351.2022.00012
Ojha DDwarkadas SMartínez JDuato JJohn L(2021)TimeCacheProceedings of the 48th Annual International Symposium on Computer Architecture10.1109/ISCA52012.2021.00037(375-387)Online publication date: 14-Jun-2021
https://dl.acm.org/doi/10.1109/ISCA52012.2021.00037

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

HTML Format

View this article in HTML Format.

Figures

Tables

Media

View Table of Conten