Observatorio de I+D+i UPM

Memorias de investigación
Ponencias en congresos:
CacheShield: Detecting Cache Attacks through Self-Observation
Año:2018
Áreas de investigación
  • Tecnología electrónica y de las comunicaciones,
  • Ciencias de la computación y tecnología informática
Datos
Descripción
Microarchitectural attacks pose a great threat to any code running in parallel to other untrusted processes. Especially in public clouds, where system resources such as caches are shared across several tenants, microarchitectural attacks remain an unsolved problem. Cache attacks rely on evictions by the spy process, which alter the execution behavior of the victim process. Similarly, all attacks exploiting shared resource access will influence these resources, thereby influencing the process they are targeting. We show that hardware performance events reveal the presence of such attacks. Based on this observation, we propose CacheShield, a tool to protect legacy code by self-monitoring its execution and detecting the presence of microarchitectural attacks. CacheShield can be run by users and does not require alteration of the OS or hypervisor, while previously proposed software-based countermeasures require cooperation from the hypervisor. Unlike methods that try to detect malicious processes, our approach is lean, as only a fraction of the system needs to be monitored. It also integrates well into today's cloud infrastructure, as concerned users can opt to use CacheShield without support from the cloud service provider. Our results show that CacheShield detects attacks fast, with high reliability, and with few false positives, even in the presence of strong noise.
Internacional
Si
Nombre congreso
ACM Conference on Data and Application Security and Privacy
Tipo de participación
960
Lugar del congreso
Tempe, AZ, USA
Revisores
Si
ISBN o ISSN
978-1-4503-5632-9
DOI
Fecha inicio congreso
19/03/2018
Fecha fin congreso
21/03/2018
Desde la página
224
Hasta la página
235
Título de las actas
Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy
Esta actividad pertenece a memorias de investigación
Participantes
  • Autor: Samira Briongos Herrero (UPM)
  • Autor: Gorka Irazoqui (Worcester Polytechnic Institute)
  • Autor: Pedro Jose Malagon Marzo (UPM)
  • Autor: Thomas Eisenbarth (Worcester Polytechnic Institute)
Grupos de investigación, Departamentos, Centros e Institutos de I+D+i relacionados
  • Creador: Grupo de Investigación: Laboratorio de Sistemas Integrados (LSI)
  • Centro o Instituto I+D+i: Centro de Investigación en Simulación Computacional
  • Departamento: Ingeniería Electrónica
S2i 2023 Observatorio de investigación @ UPM con la colaboración del Consejo Social UPM
Cofinanciación del MINECO en el marco del Programa INNCIDE 2011 (OTR-2011-0236)
Cofinanciación del MINECO en el marco del Programa INNPACTO (IPT-020000-2010-22)