research-article

Characterization of Timing-based Software Side-channel Attacks and Mitigations on Network-on-Chip Hardware

Authors:

Sheikh Abdul Rasheed Sahni,

Omer KhanAuthors Info & Claims

ACM Journal on Emerging Technologies in Computing Systems, Volume 19, Issue 3

Article No.: 21, Pages 1 - 23

https://doi.org/10.1145/3585519

Published: 21 June 2023 Publication History

Abstract

Modern network-on-chip (NoC) hardware is an emerging target for side-channel security attacks. A recent work implemented and characterized timing-based software side-channel attacks that target NoC hardware on a real multicore machine. This article studies the impact of system noise on prior attack setups and shows that high noise is sufficient to defeat the attacker. We propose an information theory-based attack setup that uses repetition codes and differential signaling techniques to de-noise the unwanted noise from the NoC channel to successfully implement a practical covert-communication attack on a real multicore machine. The evaluation demonstrates an attack efficacy of 97%, 88%, and 78% under low, medium, and high external noise, respectively. Our attack characterization reveals that noise-based mitigation schemes are inadequate to prevent practical covert communication, and thus isolation-based mitigation schemes must be considered to ensure strong security. Isolation-based schemes are shown to mitigate timing-based side-channel attacks. However, their impact on the performance of real-world security critical workloads is not well understood in the literature. This article evaluates the performance implications of state-of-the-art spatial and temporal isolation schemes. The performance impact is shown to range from 2–3% for a set of graph and machine learning workloads, thus making isolation-based mitigations practical.

References

[1]

1998. Curl: Command Line Tool and Library for Transferring Data with URLs. Retrieved from https://curl.se/.

[2]

2002. Linux numactl. Retrieved from https://linux.die.net/man/8/numactl.

[3]

2013. FreescaleADL: An Industrial-Strength Architectural Description Language for Programmable Cores. Retrieved from http://opensource.freescale.com/fsl-oss-projects/.

[4]

2017. QUARQ: A Novel General Purpose Multicore Architecture for Cognitive Computing. Retrieved from https://khan.engr.uconn.edu/pubs/quarq-techcon17.pdf.

[5]

2018. LYNX—The Text Web-Browser. Retrieved from https://lynx.invisible-island.net/.

[6]

2019. STRESS—Tool to Impose Load On and Stress Test Systems. Retrieved from https://linux.die.net/man/1/stress.

[7]

Masab Ahmad, Farrukh Hijaz, Qingchuan Shi, and Omer Khan. 2015. CRONO: A benchmark suite for multithreaded graph algorithms executing on futuristic multicores. In Proceedings of the IEEE International Symposium on Workload Characterization (IISWC’15).

Digital Library

[8]

Usman Ali and Omer Khan. 2021. ConNOC: A practical timing channel attack on network-on-chip hardware in a multicore processor. In Proceedings of the IEEE International Symposium on Hardware Oriented Security and Trust (HOST’21).

[9]

Intel Corporation. 2015. Improving Real-time Performance by Utilizing Cache Allocation Technology. Retrieved from https://www.intel.com/content/dam/www/public/us/en/documents/white-papers/cache-allocation-technology-white-paper.pdf.

[10]

Tilera Corporation. 2014. TILE-Gx72 Processor. Retrieved from http://www.mellanox.com/related-docs/prod_multi_core/PB_TILE-Gx72.pdf.

[11]

J. Deng, W. Dong, R. Socher, L. J. Li, Kai Li, and Li Fei-Fei. 2009. ImageNet: A large-scale hierarchical image database. In Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition (CVPR’09).

[12]

Halit Dogan, Masab Ahmad, Brian Kahne, and Omer Khan. 2019. Accelerating synchronization using moving compute to data model at 1,000-core multicore scale. ACM Trans. Archit. Code Optim. 16, 1, Article 4 (February2019), 27 pages. DOI:

Digital Library

[13]

Ben Gras, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida. 2018. Translation leak-aside buffer: Defeating cache side-channel protections with TLB attacks. In Proceedings of the 27th USENIX Security Symposium (USENIX Security’18). USENIX Association, 955–972.

[14]

F. Liu and R. B. Lee. 2014. Random fill cache architecture. In Proceedings of the 47th Annual IEEE/ACM International Symposium on Microarchitecture. 203–215. DOI:

Digital Library

[15]

Xiaoxuan Lou, Tianwei Zhang, Jun Jiang, and Yinqian Zhang. 2021. A survey of microarchitectural side-channel vulnerabilities, attacks, and defenses in cryptography. ACM Comput. Surv. 54, 6, Article 122 (July2021), 37 pages. DOI:

Digital Library

[16]

Yehia Massoud, Jamil Kawa, Don MacMillen, and Jacob White. 2001. Modeling and analysis of differential signaling for minimizing inductive cross-talk. In Proceedings of the 38th Annual Design Automation Conference (DAC’01). Association for Computing Machinery, New York, NY, USA, 804–809. DOI:

Digital Library

[17]

Jason E. Miller, Harshad Kasture, George Kurian, Charles Gruenwald, Nathan Beckmann, Christopher Celio, Jonathan Eastep, and Anant Agarwal. 2010. Graphite: A distributed parallel simulator for multicores. In Proceedings of the 16th International Symposium on High-Performance Computer Architecture(HPCA’10). 1–12. DOI:

[18]

H. Omar and O. Khan. 2020. IRONHIDE: A secure multicore that efficiently mitigates microarchitecture state attacks for interactive applications. In Proceedings of the IEEE International Symposium on High Performance Computer Architecture (HPCA’20). 111–122. DOI:

[19]

Peter Pessl, Daniel Gruss, Clémentine Maurice, Michael Schwarz, and Stefan Mangard. 2016. DRAMA: Exploiting DRAM addressing for cross-CPU attacks. In Proceedings of the 25th USENIX Security Symposium (USENIX Security’16). USENIX Association, 565–581.

[20]

Stephen Röttger and Artur Janc. 2021. A Spectre proof-of-concept for a Spectre-proof web. Retrieved from https://security.googleblog.com/2021/03/a-spectre-proof-of-concept-for-spectre.html.

[21]

Dimitrios Skarlatos, Mengjia Yan, Bhargava Gopireddy, Read Sprabery, Josep Torrellas, and Christopher W. Fletcher. 2019. MicroScope: Enabling microarchitectural replay attacks. In Proceedings of the ACM/IEEE 46th Annual International Symposium on Computer Architecture (ISCA’19). 318–331.

Digital Library

[22]

Dimitrios Skarlatos, Mengjia Yan, Bhargava Gopireddy, Read Sprabery, Josep Torrellas, and Christopher W. Fletcher. 2020. MicroScope: Enabling microarchitectural replay attacks. IEEE Micro 40, 3 (2020), 91–98. DOI:

[23]

Dimitrios Skarlatos, Zirui Neil Zhao, Riccardo Paccagnella, Christopher W. Fletcher, and Josep Torrellas. 2021. Jamais vu: Thwarting microarchitectural replay attacks. In Proceedings of the 26th ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS’21). Association for Computing Machinery, New York, NY, 1061–1076. DOI:

Digital Library

[24]

Y. Wang and G. E. Suh. 2012. Efficient timing channel protection for on-chip networks. In Proceedings of the IEEE/ACM 6th International Symposium on Networks-on-Chip. 142–151. DOI:

Digital Library

[25]

H. Wassel, Y. Gao, J. Oberg, Ted Huffmire, R. Kastner, F. Chong, and T. Sherwood. 2013. SurfNoC: A low latency and provably non-interfering approach to secure networks-on-chip. In Proceedings of the International Symposium on Computer Architecture (ISCA’13).

Digital Library

[26]

Yu Xue, Jiongming Jiang, Binping Zhao, and Tinghuai Ma. 2018. A self-adaptive artificial bee colony algorithm for global optimization. Soft Comput. 22 (2018), 2935–2952.

Digital Library

[27]

Yuval Yarom and Katrina Falkner. 2014. FLUSH+RELOAD: A high resolution, low noise, L3 cache side-channel attack. In Proceedings of the 23rd USENIX Security Symposium (USENIX Security’14). USENIX Association, 719–732.

[28]

Yanqi Zhou, Sameer Wagh, Prateek Mittal, and David Wentzlaff. 2017. Camouflage: Memory traffic shaping to mitigate timing attacks. In Proceedings of the IEEE International Symposium on High Performance Computer Architecture (HPCA’17). 337–348. DOI:

Cited By

Dipesh Chatterjee U(2024)Door Knock: Reverse Engineering the MPSoC Layout Through Timing Attack on NoCIEEE Embedded Systems Letters10.1109/LES.2024.337110616:4(449-452)Online publication date: 1-Dec-2024
https://dl.acm.org/doi/10.1109/LES.2024.3371106
Srinivas MElango K(2024)Era of Sentinel Tech: Charting Hardware Security Landscapes Through Post-Silicon Innovation, Threat Mitigation and Future TrajectoriesIEEE Access10.1109/ACCESS.2024.340062412(68061-68108)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3400624
Yadav SLaxmi VKapoor HGaur MKumar A(2023)Adaptive distribution of control messages for improving bandwidth utilization in multiple NoCThe Journal of Supercomputing10.1007/s11227-023-05208-079:15(17208-17246)Online publication date: 7-May-2023
https://dl.acm.org/doi/10.1007/s11227-023-05208-0

Index Terms

Characterization of Timing-based Software Side-channel Attacks and Mitigations on Network-on-Chip Hardware
1. Security and privacy
  1. Security in hardware
    1. Hardware attacks and countermeasures
      1. Side-channel analysis and countermeasures

Recommendations

Security beyond cybersecurity: side-channel attacks against non-cyber systems and their countermeasures
Abstract
Side-channels are unintended pathways within target systems that leak internal information, exploitable via side-channel attack techniques that extract the target information, compromising the system’s security and privacy. Side-channel attacks ...
Countermeasures for timing-based side-channel attacks against shared, modern computing hardware

There are several vulnerabilities in computing systems hardware that can be exploited by attackers to carry out devastating microarchitectural timing-based side-channel attacks against these systems and as a result compromise the security of the users of ...
One-Sided Countermeasures for Side-Channel Attacks Can Backfire
WiSec '18: Proceedings of the 11th ACM Conference on Security & Privacy in Wireless and Mobile Networks

Side-channel attacks are currently one of the most powerful attacks against implementations of cryptographic algorithms. They exploit the correlation between the physical measurements (power consumption, electromagnetic emissions, timing) taken at ...

Comments

Information & Contributors

Information

Published In

cover image ACM Journal on Emerging Technologies in Computing Systems

ACM Journal on Emerging Technologies in Computing Systems Volume 19, Issue 3

July 2023

183 pages

ISSN:1550-4832

EISSN:1550-4840

DOI:10.1145/3605195

Editor:
Ramesh Karri
Polytechnic Institute of New York University, USA

Issue’s Table of Contents

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Journal Family

ACM Journals for the Design of Smart and Connected Systems

Publication History

Published: 21 June 2023

Online AM: 02 March 2023

Accepted: 29 January 2023

Revised: 26 September 2022

Received: 15 March 2022

Published in JETC Volume 19, Issue 3

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

National Science Foundation
Semiconductor Research Corporation (SRC)

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
435
Total Downloads

Downloads (Last 12 months)110
Downloads (Last 6 weeks)16

Reflects downloads up to 01 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Dipesh Chatterjee U(2024)Door Knock: Reverse Engineering the MPSoC Layout Through Timing Attack on NoCIEEE Embedded Systems Letters10.1109/LES.2024.337110616:4(449-452)Online publication date: 1-Dec-2024
https://dl.acm.org/doi/10.1109/LES.2024.3371106
Srinivas MElango K(2024)Era of Sentinel Tech: Charting Hardware Security Landscapes Through Post-Silicon Innovation, Threat Mitigation and Future TrajectoriesIEEE Access10.1109/ACCESS.2024.340062412(68061-68108)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3400624
Yadav SLaxmi VKapoor HGaur MKumar A(2023)Adaptive distribution of control messages for improving bandwidth utilization in multiple NoCThe Journal of Supercomputing10.1007/s11227-023-05208-079:15(17208-17246)Online publication date: 7-May-2023
https://dl.acm.org/doi/10.1007/s11227-023-05208-0

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Full Text

View this article in Full Text.

Figures

Tables

Media

View full text|Download PDF

View Issue’s Table of Contents