More Web Proxy on the site http://driver.im/

research-article

Avoiding information leakage in the memory controller with fixed service policies

Authors:

Manjunath Shevgoor,

Rajeev Balasubramonian,

Mohit TiwariAuthors Info & Claims

MICRO-48: Proceedings of the 48th International Symposium on Microarchitecture

Pages 89 - 101

https://doi.org/10.1145/2830772.2830795

Published: 05 December 2015 Publication History

Abstract

Trusted applications frequently execute in tandem with untrusted applications on personal devices and in cloud environments. Since these co-scheduled applications share hardware resources, the latencies encountered by the untrusted application betray information about whether the trusted applications are accessing shared resources or not. Prior studies have shown that such information leaks can be used by the untrusted application to decipher keys or launch covert-channel attacks. Prior work has also proposed techniques to eliminate information leakage in various shared resources. The best known solution to eliminate information leakage in the memory system incurs high performance penalties. This work develops a comprehensive approach to eliminate timing channels in the memory controller that has two key elements: (i) We shape the memory access behavior of each thread so that it has an unchanging memory access pattern. (ii) We show how efficient memory access pipelines can be constructed to process the resulting memory accesses without introducing any resource conflicts. We mathematically show that the proposed system yields zero information leakage. We then show that various page mapping policies can impact the throughput of our secure memory system. We also introduce techniques to re-order requests from different threads to boost performance without leaking information. Our best solution offers throughput that is 27% lower than that of an optimized non-secure baseline, and that is 69% higher than the best known competing scheme.

References

[1]

O. Aciiçcmez, "Yet Another Microarchitectural Attack: Exploiting I-cache," in Proceedings of the 2007 ACM workshop on Computer Security Architecture, pp. 11--18, 2007.

Digital Library

[2]

O. Aciiçcmez, Ç. K. Koç, and J.-P. Seifert, "On the Power of Simple Branch Prediction Analysis," in Proceedings of the 2nd ACM symposium on Information, Computer and Communications Security, pp. 312--320, 2007.

Digital Library

[3]

O. Acιiçmez, Ç. K. Koç, and J.-P. Seifert, "Predicting Secret Keys via Branch Prediction," in Topics in Cryptology--CT-RSA 2007, pp. 225--242, Springer, 2006.

Digital Library

[4]

D. J. Bernstein, "Cache-timing Attacks on AES," 2005.

[5]

C. Percival, "Cache Missing for Fun and Profit," 2005.

[6]

B. Saltaformaggio, D. Xu, and X. Zhang, "BusMonitor: A Hypervisor-Based Solution for Memory Bus Covert Channels," in Proceedings of EuroSec, 2013.

[7]

Z. Wang and R. B. Lee, "Covert and Side Channels Due to Processor Architecture," in Computer Security Applications Conference, 2006 (ACSAC '06), pp. 473--482, 2006.

Digital Library

[8]

Z. Wu, Z. Xu, and H. Wang, "Whispers in the Hyper-space: High-speed Covert Channel Attacks in the Cloud," in the 21st USENIX Security Symposium (Security '12), 2012.

Digital Library

[9]

T. Ristenpart, E. Tromer, H. Shacham, and S. Savage, "Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-party Compute Clouds," in Proceedings of the 16th ACM conference on Computer and Communications Security, pp. 199--212, 2009.

Digital Library

[10]

Y. Wang, A. Ferraiuolo, and G. E. Suh, "Timing Channel Protection for a Shared Memory Controller," in Proceedings of HPCA, 2014.

[11]

J. Kong, O. Aciiçmez, J.-P. Seifert, and H. Zhou, "Hardware-software Integrated Approaches to Defend Against Software Cache-based Side Channel Attacks," in Proceedings of HPCA, pp. 393--404, 2009.

[12]

D. Page, "Partitioned Cache Architecture as a Side-Channel Defence Mechanism," IACR Cryptology ePrint Archive, vol. 2005, p. 280, 2005.

[13]

Y. Wang and G. E. Suh, "Efficient Timing Channel Protection for On-chip Networks," in Proceedings of Networks on Chip (NoCS), pp. 142--151, 2012.

Digital Library

[14]

Z. Wang and R. B. Lee, "New Cache Designs for Thwarting Software Cache-based Side Channel Attacks," in Proceedings of ISCA, 2007.

Digital Library

[15]

Z. Wang and R. B. Lee, "A Novel Cache Architecture with Enhanced Performance and Security," in Proceedings of MICRO, pp. 83--93, 2008.

Digital Library

[16]

H. M. Wassel, Y. Gao, J. K. Oberg, T. Huffmire, R. Kastner, F. T. Chong, and T. Sherwood, "SurfNoC: A Low Latency and Provably Non-interfering Approach to Secure Networks-on-chip," in Proceedings of the 40th Annual International Symposium on Computer Architecture, pp. 583--594, 2013.

Digital Library

[17]

D. E. Denning, "A Lattice Model of Secure Information Flow," Commun. ACM, vol. 19, pp. 236--243, May 1976.

Digital Library

[18]

M. Tiwari, H. M. Wassel, B. Mazloom, S. Mysore, F. T. Chong, and T. Sherwood, "Complete Information Flow Tracking from the Gates Up," in Proceedings of ASPLOS, 2009.

Digital Library

[19]

J. A. Goguen and J. Meseguer, "Security Policies and Security Models," in Proceedings of IEEE Symposium on Security and Privacy (Oakland), 1982.

[20]

M. Tiwari, X. Li, H. M. G. Wassel, F. T. Chong, and T. Sherwood, "Execution leases: A hardware-supported mechanism for enforcing strong non-interference," in Proceedings of the 42nd Annual IEEE/ACM International Symposium on Microarchitecture, MICRO 42, (New York, NY, USA), pp. 493--504, ACM, 2009.

Digital Library

[21]

C. Hunger, M. Kazdagli, A. Rawat, S. Vishwanath, A. Dimakis, and M. Tiwari, "Understanding Contention-driven Covert Channels and Using Them for Defense," in Proceedings of HPCA, 2015.

[22]

T. Kim, M. Peinado, and G. Mainar-Ruiz, "STEALTHMEM: System-Level Protection Against Cache-Based Side Channel Attacks in the Cloud," in Proceedings of USENIX Security Symposium, 2012.

Digital Library

[23]

A. Basu, J. Gandhi, J. Chang, M. Hill, and M. Swift, "Efficient Virtual Memory for Big Memory Servers," in Proceedings of ISCA, 2013.

Digital Library

[24]

Y. Xu, W. Cui, and M. Peinado, "Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems," in Proceedings of IEEE Symp. on Security and Privacy (S&P Oakland), 2015.

Digital Library

[25]

M. Maas, E. Love, E. Stefanov, M. Tiwari, E. Shi, K. Asanovic, J. Kubiatowic, and D. Song, "PHANTOM: Practical Oblivious Computation in a Secure Processor," in Proceedings of CCS, 2013.

Digital Library

[26]

D. of Defense, TCSEC: Trusted Computer System Evaluation Criteria. Technical Report 5200.28-STD. US Department of Defense, 1985.

[27]

X. Li, M. Tiwari, J. K. Oberg, V. Kashyap, F. T. Chong, T. Sherwood, and B. Hardekopf, "Caisson: A Hardware Description Language for Secure Information Flow," in Proceedings of PLDI, 2011.

Digital Library

[28]

X. Li, V. Kashyap, J. K. Oberg, M. Tiwari, V. R. Rajarathinam, R. Kastner, T. Sherwood, B. Hardekopf, and F. T. Chong, "Sapper: A Language for Hardware-Level Security Policy Enforcement," in Proceedings of ASPLOS, 2014.

Digital Library

[29]

Ed Suh, Yao Wang, Cornell University, Personal Correspondence, November 2014.

[30]

Y. Kim, M. Papamichael, O. Mutlu, and M. Harchol-Balter, "Thread Cluster Memory Scheduling: Exploiting Differences in Memory Access Behavior," in Proceedings of MICRO, 2010.

Digital Library

[31]

C. Fletcher, L. Ren, X. Yu, M. van Dijk, O. Khan, and S. Devadas, "Suppressing the Oblivious RAM Timing Channel While Making Information Leakage and Program Efficiency Trade-Offs," in Proceedings of HPCA, 2014.

[32]

S. Pugsley, Z. Chishti, C. Wilkerson, T. Chuang, R. Scott, A. Jaleel, S.-L. Lu, K. Chow, and R. Balasubramonian, "Sandbox Prefetching: Safe, Run-Time Evaluation of Aggressive Prefetchers," in Proceedings of HPCA, 2014.

[33]

Krishna T. Malladi, Ian Shaeffer, Liji Gopalakrishnan, David Lo, Benjamin C. Lee, Mark Horowitz, "Rethinking DRAM Power Modes for Energy Proportionality," 2012.

[34]

"Wind River Simics Full System Simulator," 2007. http://www.windriver.com/products/simics/.

[35]

N. Chatterjee, R. Balasubramonian, M. Shevgoor, S. Pugsley, A. Udipi, A. Shafiee, K. Sudan, M. Awasthi, and Z. Chishti, "USIMM: the Utah SImulated Memory Module," tech. rep., University of Utah, 2012. UUCS-12-002.

[36]

Y. Ishii, K. Hosokawa, M. Inaba, and K. Hiraki, "High Performance Memory Access Scheduling Using Compute-Phase Prediction and Writeback-Refresh Overlap," in Memory Scheduling Championship, 2012.

[37]

JEDEC, JESD79-4: JEDEC Standard DDR4 SDRAM, 2012.

[38]

D. H. Bailey, E. Barszcz, J. T. Barton, D. S. Browning, R. L. Carter, D. Dagum, R. A. Fatoohi, P. O. Frederickson, T. A. Lasinski, R. S. Schreiber, H. D. Simon, V. Venkatakrishnan, and S. K. Weeratunga, "The NAS Parallel Benchmarks," The International Journal of Supercomputer Applications, vol. 5, pp. 63--73, Fall 1994.

Digital Library

[39]

"Micron System Power Calculator." http://www.micron.com/products/support/power-calc.

[40]

R. Martin, J. Demme, and S. Sethumadhavan, "TimeWarp: Rethinking Timekeeping and Performance Monitoring Mechanisms to Mitigate Side-Channel Attacks," in Proceedings of ISCA, 2012.

Digital Library

[41]

A. Gundu, G. Sreekumar, A. Shafiee, S. Pugsley, H. Jain, R. Balasubramonian, and M. Tiwari, "Memory Bandwidth Reservation in the Cloud to Avoid Information Leakage in the Memory Controller," in Proceedings of the 3rd Workshop on Hardware and Architectural Support for Security and Privacy, 2014.

Digital Library

[42]

B. Agrawal and T. Sherwood, "High-bandwidth Network Memory System Through Virtual Pipelines," IEEE/ACM Trans. Netw., 2009.

Digital Library

[43]

Reineke, Jan and Liu, Isaac and Patel, Hiren D. and Kim, Sungjun and Lee, Edward A., "PRET DRAM Controller: Bank Privatization for Predictability and Temporal Isolation," in Proceedings of the Seventh IEEE/ACM/IFIP International Conference on Hardware/Software Codesign and System Synthesis, CODES+ISSS '11, 2011.

Digital Library

[44]

B. Akesson, L. Steffens, E. Strooisma, and K. Goossens, "Real-time scheduling using credit-controlled static-priority arbitration," in Proceedings of the 2008 14th IEEE International Conference on Embedded and Real-Time Computing Systems and Applications, RTCSA '08, 2008.

Digital Library

[45]

K. J. Nesbit, N. Aggarwal, J. Laudon, and J. E. Smith, "Fair Queuing Memory Systems," in Proceedings of MICRO, 2006.

Digital Library

[46]

N. Rafique, W. Lim, and M. Thottethodi, "Effective Management of DRAM Bandwidth in Multicore Processors," in Proceedings of PACT, 2007.

Digital Library

[47]

R. Iyer, L. Zhao, F. Guo, R. Illikkal, D. Newell, Y. Solihin, L. Hsu, and S. Reinhardt, "QoS Policies and Architecture for Cache/Memory in CMP Platforms," in Proceedings of SIGMETRICS, 2007.

Digital Library

[48]

K. Sudan, S. Srinivasan, R. Balasubramonian, and R. Iyer, "Optimizing Datacenter Power with Memory System Levers for Guaranteed Quality-of-Service," in Proceedings of PACT, 2012.

Digital Library

Cited By

Miao YZhang YWu DZhang DTan GZhang RKandemir M(2024)Veiled Pathways: Investigating Covert and Side Channels Within GPU Uncore2024 57th IEEE/ACM International Symposium on Microarchitecture (MICRO)10.1109/MICRO61859.2024.00088(1169-1183)Online publication date: 2-Nov-2024
https://doi.org/10.1109/MICRO61859.2024.00088
Miao YKandemir MZhang DZhang YTan GWu D(2023)Hardware Support for Constant-Time ProgrammingProceedings of the 56th Annual IEEE/ACM International Symposium on Microarchitecture10.1145/3613424.3623796(856-870)Online publication date: 28-Oct-2023
https://dl.acm.org/doi/10.1145/3613424.3623796
Deutsch PNa WBourgeat TEmer JYan MSolihin YHeinrich M(2023)Metior: A Comprehensive Model to Evaluate Obfuscating Side-Channel Defense SchemesProceedings of the 50th Annual International Symposium on Computer Architecture10.1145/3579371.3589073(1-16)Online publication date: 17-Jun-2023
https://dl.acm.org/doi/10.1145/3579371.3589073
Show More Cited By

Recommendations

Verifiable memory leakage-resilient dynamic searchable encryption

Searchable symmetric encryption (SSE) allows a data owner to outsource his encrypted data to a cloud server while retaining the ability to perform keyword search over encrypted data. The security guarantees of existing SSE schemes require that the ...
Memory-level parallelism aware fetch policies for simultaneous multithreading processors

A thread executing on a simultaneous multithreading (SMT) processor that experiences a long-latency load will eventually stall while holding execution resources. Existing long-latency load aware SMT fetch policies limit the amount of resources allocated ...
Silent Shredder: Zero-Cost Shredding for Secure Non-Volatile Main Memory Controllers
ASPLOS '16

As non-volatile memory (NVM) technologies are expected to replace DRAM in the near future, new challenges have emerged. For example, NVMs have slow and power-consuming writes, and limited write endurance. In addition, NVMs have a data remanence ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

MICRO-48: Proceedings of the 48th International Symposium on Microarchitecture

December 2015

787 pages

ISBN:9781450340342

DOI:10.1145/2830772

General Chair:
Milos Prvulovic
Georgia Tech

Copyright © 2015 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

IEEE Computer Society TC-uARCH
SIGMICRO: ACM Special Interest Group on Microarchitectural Research and Processing

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 05 December 2015

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tag

hardware security

Qualifiers

Research-article

Funding Sources

NSF
Intel

Conference

MICRO-48

Sponsor:

SIGMICRO

MICRO-48: The 48th Annual IEEE/ACM International Symposium of Microarchitecture

December 5 - 9, 2015

Waikiki, Hawaii

Acceptance Rates

MICRO-48 Paper Acceptance Rate 61 of 283 submissions, 22%;

Overall Acceptance Rate 484 of 2,242 submissions, 22%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

26
Total Citations
View Citations
341
Total Downloads

Downloads (Last 12 months)23
Downloads (Last 6 weeks)2

Reflects downloads up to 09 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Miao YZhang YWu DZhang DTan GZhang RKandemir M(2024)Veiled Pathways: Investigating Covert and Side Channels Within GPU Uncore2024 57th IEEE/ACM International Symposium on Microarchitecture (MICRO)10.1109/MICRO61859.2024.00088(1169-1183)Online publication date: 2-Nov-2024
https://doi.org/10.1109/MICRO61859.2024.00088
Miao YKandemir MZhang DZhang YTan GWu D(2023)Hardware Support for Constant-Time ProgrammingProceedings of the 56th Annual IEEE/ACM International Symposium on Microarchitecture10.1145/3613424.3623796(856-870)Online publication date: 28-Oct-2023
https://dl.acm.org/doi/10.1145/3613424.3623796
Deutsch PNa WBourgeat TEmer JYan MSolihin YHeinrich M(2023)Metior: A Comprehensive Model to Evaluate Obfuscating Side-Channel Defense SchemesProceedings of the 50th Annual International Symposium on Computer Architecture10.1145/3579371.3589073(1-16)Online publication date: 17-Jun-2023
https://dl.acm.org/doi/10.1145/3579371.3589073
Deutsch PYang YBourgeat TDrean JEmer JYan MFalsafi BFerdman MLu SWenisch T(2022)DAGguise: mitigating memory timing side channelsProceedings of the 27th ACM International Conference on Architectural Support for Programming Languages and Operating Systems10.1145/3503222.3507747(329-343)Online publication date: 28-Feb-2022
https://dl.acm.org/doi/10.1145/3503222.3507747
Ali USahni AKhan O(2022)Protecting On-Chip Data Access Against Timing-Based Side-Channel Attacks on Multicores2022 IEEE International Symposium on Secure and Private Execution Environment Design (SEED)10.1109/SEED55351.2022.00024(190-201)Online publication date: Sep-2022
https://doi.org/10.1109/SEED55351.2022.00024
Ali UKhan O(2022)MultiCon: An Efficient Timing-based Side Channel Attack on Shared Memory Multicores2022 IEEE 40th International Conference on Computer Design (ICCD)10.1109/ICCD56317.2022.00024(97-104)Online publication date: Oct-2022
https://doi.org/10.1109/ICCD56317.2022.00024
Dutta SNaghibijouybari HAbu-Ghazaleh NMarquez ABarker KMartínez JDuato JJohn L(2021)Leaky buddiesProceedings of the 48th Annual International Symposium on Computer Architecture10.1109/ISCA52012.2021.00080(972-984)Online publication date: 14-Jun-2021
https://dl.acm.org/doi/10.1109/ISCA52012.2021.00080
Roy NBansal NTakhar GMittal NSubramanyan PYarom YZennou S(2020)When oblivious is notProceedings of the 14th USENIX Conference on Offensive Technologies10.5555/3488877.3488880(3-3)Online publication date: 11-Aug-2020
https://dl.acm.org/doi/10.5555/3488877.3488880
Balasubramonian R(2019)Innovations in the Memory SystemSynthesis Lectures on Computer Architecture10.2200/S00933ED1V01Y201906CAC04814:2(1-151)Online publication date: 10-Sep-2019
https://doi.org/10.2200/S00933ED1V01Y201906CAC048
Harris AWei SSahu PKumar PAustin TTiwari M(2019)CycloneProceedings of the 52nd Annual IEEE/ACM International Symposium on Microarchitecture10.1145/3352460.3358273(57-72)Online publication date: 12-Oct-2019
https://dl.acm.org/doi/10.1145/3352460.3358273
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents