Johannes Müller,Anna Lena Duque Antón,Lucas Deutschmann,Dino Mehmedagić,Cristiano Rodrigues,Daniel Oliveira,Keerthikumara Devarajegowda,Mohammad Rahmani Fadiheh,Sandro Pinto,Dominik Stoffel,Wolfgang Kunz

DOI: https://doi.org/10.1145/3649329.3656541

2024-07-18

Abstract:Microarchitectural timing side channels have been thoroughly investigated as a security threat in hardware designs featuring shared buffers (e.g., caches) or parallelism between attacker and victim task execution. However, contradicting common intuitions, recent activities demonstrate that this threat is real even in microcontroller SoCs without such features. In this paper, we describe SoC-wide timing side channels previously neglected by security analysis and present a new formal method to close this gap. In a case study on the RISC-V Pulpissimo SoC, our method detected a vulnerability to a previously unknown attack variant that allows an attacker to obtain information about a victim's memory access behavior. After implementing a conservative fix, we were able to verify that the SoC is now secure w.r.t. the considered class of timing side channels.

Cryptography and Security

JingZheng Wu,Liping Ding,Yongji Wang,Wei Han

DOI: https://doi.org/10.1109/CLOUD.2011.10

2011-01-01

Abstract:Virtualization technology is the basis of cloud computing, and the most important property of virtualization is isolation. Isolation guarantees security between virtual machines. However, covert channel breaks the isolation and leaks sensitive message covertly. In this paper, we formally model the isolation into noninterference, and define that all the transmission channels violating noninterference are covert channels. With this definition, we present an identification method based on information flow. This method first compiles the source code into a more structured equivalent code with LLVM. And then a search algorithm is proposed to obtain the shared resources and the operational processes in the equivalent code. A new covert channel termed sharing memory covert timing channel (SMCTC) is identified from Xen source code. We construct channel scenario for SMCTC, and evaluate its threat with the metrics of channel capacity and transmission accuracy. The results show that SMCTC is much more threatened than CPU load based and cache based covert channels etc.

Rui Yang,Xiao Fu,Xiaojiang Du,Bin Luo

DOI: https://doi.org/10.4108/eai.18-6-2016.2264107

2016-01-01

Abstract:In IaaS (such as Amazon EC2 and Microsoft Azure), several VM (virtual-machine) instances usually run in one physical machine so as to improve resource utilization. However this also caused more attack opportunities. A typical example is a cross-VM timing channel. Recent studies show that this kind of covert channel can successfully steal private information (e.g. private key) from the co-resident VM instances. It brought great challenges to the security of the cloud and has absorbed more and more attention in recent years. But to our knowledge, there is still little work on detecting and investigating such covert channel. Therefore, we propose a behavior-based method to automatically detect and investigate the timing channel. First, in order to record the behavior of this covert channel, a page-level memory monitoring method is designed. Second, an automatic identification algorithm is proposed based on some memory activity signatures. Finally, in order to confirm the result, the memory dump will be obtained and the binary code of the suspicious process will be analyzed. We have implemented a prototype on Xen, and the experimental results show that all of these kinds of attacks can be detected even under the disturbance from normal processes.

Yue Zhang,Ziyuan Zhu,Dan Meng

DOI: https://doi.org/10.48550/arXiv.1910.12021

2019-10-26

Abstract:Different from the traditional software vulnerability, the microarchitecture side channel has three characteristics: extensive influence, potent threat, and tough defense. The main reason for the micro-architecture side channel is resource sharing. There are many reasons for resource sharing, one of which is SMT (Simultaneous Multi-Threading) technology. In this paper, we define the SMT Transient Channel, which uses the transient state of shared resources between threads to steal information. To mitigate it, we designed a security demand-based dynamic mitigation (DDM) to Mitigate the SMT transient channels. The DDM writes the processes' security requirements to the CPU register sets, and the operating system calls the HLT instruction to dynamically turn on and off the hyper-threading according to the register values to avoid the side channels caused by execution resource sharing. During the implementation of the scheme, we modified the Linux kernel and used the MSR register groups of Intel processor. The evaluation results show that DDM can effectively protect against the transient side-channel attacks such as PortsMash that rely on SMT, and the performance loss of DDM is less than 8%.

Cryptography and Security

Xiaoshan Sun,Liang Cheng,Yang Zhang

DOI: https://doi.org/10.1109/icc.2011.5962718

2011-01-01

Abstract:A covert channel is a communication channel that bypasses the access controls of the system, and it is a threat to the system's security. In this paper, we propose a new covert timing channel which exploits the algorithmic complexity vulnerabilities in the name lookup algorithm of the kernel. This covert channel has a high capacity and it is practically exploitable. In our experiments, the data rate reaches 2256 bps under a very low error rate. This data rate is high enough for practical use. So our covert channel is dangerous. To our knowledge, no previous works propose this covert channel nor implement it. We describe our design and implementation of the covert channel on a SELinux system, discuss the subtle issues that arose in the design, present performance data of the covert channel and analyse its capacity.

Sheng Wang,Weizhong Qiang,Hai Jin,Jinfeng Yuan

DOI: https://doi.org/10.1007/s10766-015-0391-4

2015-01-01

International Journal of Parallel Programming

Abstract:Memory deduplication improves the memory efficiency of common multi-tenanted cloud. Due to the cross-VM memory sharing, malicious users can mount covert channel attack to steal secret information. While this kind of attack does not break the normal restrictions, it is very hard to detect and defend. In the paper, we present the design, implementation and evaluation of CovertInspector--a VMM-based system to identify and eliminate a covert timing channel constructed on shared memory. Our proof-of-concept prototype is built on KVM and Kernel Samepage Merging (KSM), with minor modification to KVM hypervisor (about 300 LOC). Further evaluation shows that CovertInspector is able to fully identify and eliminate such kind of covert channel with tolerable impact to the performance of guest VMs.

Nils Wistoff,Moritz Schneider,Frank K. Gürkaynak,Luca Benini,Gernot Heiser

DOI: https://doi.org/10.48550/arXiv.2005.02193

2020-05-01

Abstract:Covert channels enable information leakage across security boundaries of the operating system. Microarchitectural covert channels exploit changes in execution timing resulting from competing access to limited hardware resources. We use the recent experimental support for time protection, aimed at preventing covert channels, in the seL4 microkernel and evaluate the efficacy of the mechanisms against five known channels on Ariane, an open-source 64-bit application-class RISC-V core. We confirm that without hardware support, these defences are expensive and incomplete. We show that the addition of a single-instruction extension to the RISC-V ISA, that flushes microarchitectural state, can enable the OS to close all five evaluated covert channels with low increase in context switch costs and negligible hardware overhead. We conclude that such a mechanism is essential for security.

Cryptography and Security,Hardware Architecture

Kevin Lamshöft,Jana Dittmann

DOI: https://doi.org/10.1016/j.ifacol.2020.12.258

2020-01-01

Abstract:Recent findings in research on malware threats indicate an increasing use of information hiding techniques as a novel approach for compromising IT-Systems by using covert functions and hidden channels. Especially in the context of covert intrusion and data exfiltration, networks of Industrial Control Systems (ICS) are a valuable target for information hiding based attacks. In this paper we discuss how 18 known patterns of information hiding in networks can be applied to protocols found in ICS networks and demonstrate how information can be covertly embedded and retrieved at the example of Modbus/TCP to achieve an overall protocol-compliance by also studying the embedding capacity. Additionally we provide a first tendency of warden- compliance, if the warden has a suspicion that there is a hidden message (conspicuousness). For a practical analysis we introduce an evaluation framework based on open-source software enabling assessment and quick implementation of hidden channels in common protocols found in ICS networks. In combination with a pattern-based approach for the identification of hidden channels, we show how this framework can be utilized as a systematic approach to identify and evaluate plausible hidden channels in industrial communication protocols. From the 14 identified patterns, in this paper we use the introduced framework to implement and evaluate two exemplary timing and storage channels in Modbus/TCP. Our results show 14 protocol-compliant patterns of information hiding based attacks in the context of Industrial Control Systems as well as the necessity of more research in this particular field, especially in terms of further plausible combination of pattern, warden-compliance, detection and mitigation strategies.

Chong Wang,Nasro Min-Allah,Bei Guan,Yu-Qi Lin,Jing-Zheng Wu,Yong-Ji Wang

DOI: https://doi.org/10.1007/s11390-019-1979-8

IF: 1.871

2019-01-01

Journal of Computer Science and Technology

Abstract:Covert channels have been an effective means for leaking confidential information across security domains and numerous studies are available on typical covert channels attacks and defenses. Existing covert channel threat restriction solutions are based on the threat estimation criteria of covert channels such as capacity, accuracy, and short messages which are effective in evaluating the information transmission ability of a covert (storage) channel. However, these criteria cannot comprehensively reflect the key factors in the communication process such as shared resources and synchronization and therefore are unable to evaluate covertness and complexity of increasingly upgraded covert storage channels. As a solution, the anti-detection criterion was introduced to eliminate these limitations of cover channels. Though effective, most threat restriction techniques inevitably incur high performance overhead and hence become impractical. In this work, we avoid such overheads and present a restriction algorithm based on the anti-detection criterion to restrict threats that are associated with covert storage channels in virtual machines while maintaining the resource efficiency of the systems. Experimental evaluation shows that our proposed solution is able to counter covert storage channel attacks in an effective manner. Compared with Pump, a well-known traditional restriction algorithm used in practical systems, our solution significantly reduces the system overhead.

Jiliang Zhang,Congcong Chen,Jinhua Cui,Keqin Li

DOI: https://doi.org/10.1145/3645109

IF: 16.6

2024-02-07

ACM Computing Surveys

Abstract:Microarchitectural vulnerabilities, such as Meltdown and Spectre, exploit subtle microarchitecture state to steal the user’s secret data and even compromise the operating systems (OSes). In recent years, considerable discussion lies in understanding the attack-defense mechanisms and exploitability of such vulnerabilities. Unfortunately, there have been few investigations into a systematic elaboration of threat models, attack scenarios and requirements, and defense targets of the resulting attacks. In this article, we fill this gap and make the following contributions. We first propose two sets of taxonomies for classifying microarchitectural timing side-channel attacks (MTSCAs) and their countermeasures according to various attack conditions. Based on the taxonomies proposed, we then review published attacks and existing defenses and systematically analyze their internals. In particular, we also provide a comprehensive analysis of the similarities and differences among those attacks, uncovering the corresponding practicality and severity by identifying the attack targets/platforms and the security boundaries that can be bypassed to reveal information. We further examine the scalability of those defenses through specifying expected defense goals and costs. We also discuss corresponding detection methods based on different classifications. Finally, we propose several key challenges of existing countermeasures and the attack trends, and discuss directions for future research.

computer science, theory & methods

Jawad Haj-Yahya,Jeremie S. Kim,A. Giray Yaglikci,Ivan Puddu,Lois Orosa,Juan Gómez Luna,Mohammed Alser,Onur Mutlu

DOI: https://doi.org/10.48550/arXiv.2106.05050

2021-06-09

Distributed, Parallel, and Cluster Computing

Abstract:To operate efficiently across a wide range of workloads with varying power requirements, a modern processor applies different current management mechanisms, which briefly throttle instruction execution while they adjust voltage and frequency to accommodate for power-hungry instructions (PHIs) in the instruction stream. Doing so 1) reduces the power consumption of non-PHI instructions in typical workloads and 2) optimizes system voltage regulators' cost and area for the common use case while limiting current consumption when executing PHIs. However, these mechanisms may compromise a system's confidentiality guarantees. In particular, we observe that multilevel side-effects of throttling mechanisms, due to PHI-related current management mechanisms, can be detected by two different software contexts (i.e., sender and receiver) running on 1) the same hardware thread, 2) co-located Simultaneous Multi-Threading (SMT) threads, and 3) different physical cores. Based on these new observations on current management mechanisms, we develop a new set of covert channels, IChannels, and demonstrate them in real modern Intel processors (which span more than 70% of the entire client and server processor market). Our analysis shows that IChannels provides more than 24x the channel capacity of state-of-the-art power management covert channels. We propose practical and effective mitigations to each covert channel in IChannels by leveraging the insights we gain through a rigorous characterization of real systems.

Ziye Yang,Ping Chen

DOI: https://doi.org/10.1109/CLOUDCOM-ASIA.2013.62

2013-01-01

Abstract:The weakness of performance isolation in system virtualization leaks a time window for various kinds of attacks which can be leveraged by malicious users to threaten the security of the virtual machines (VMs) atop or construct hidden information channel. In this paper, we propose vLeaker, a practical covert timing channel built on fine-grained VM I/O performance interference, by which VMs co-resident in storage aspect can exchange the information with relatively high transmission speed and low data error rate. We evaluate our vLeaker system on Xen and VMware hypervisor and show that the maximal transmission rate can arrive at 125 bps on our local testbed. Moreover, the effective transmission rate ranges from 72 to 124 bps with average error rate lower than 13% under different configurations.

Liuxing He,Xiao Li,Wenchang Shi,Zhaohui Liang,Bin Liang

DOI: https://doi.org/10.1007/978-94-007-2105-0_24

2011-01-01

Abstract:Integrity Measurement Mechanisms (IMMs) can be used to detect tampering attacks to integrity of system components, so as to ensure trustworthiness of a system. If an IMM has been compromised, measurement results are untrustworthy. Therefore, IMMs must be protected to provide credible measurement results. In this paper, we propose an isolation mechanism based on the Intel VMX technology to protect an IMM from being tampered with, even if the whole operating system (OS) is untrusted. The isolation mechanism we proposed can be divided into two parts, one of which is a module running inside an OS while the other one is a hypervisor running as the basis of this OS. As an IMM may be attacked by untrusted software in the way of writing its memory, the module of our isolation mechanism is used to modify the access permission of the IMM. Nevertheless, the threat is not disappeared as untrusted software may run in kernel mode and thus they can also modify the access permission of an IMM. Benefiting from the Intel VMX technology, the hypervisor of our isolation mechanism can monitor and stop these abnormal behaviors of untrusted software. To evaluate our approach, we implement a prototype system named VIsolator. Experimental results indicate that it can effectively and efficiently protect an IMM from being tampered with. © 2011 Springer Science+Business Media B.V.

Yannan Liu,Lingxiao Wei,Zhe Zhou,Kehuan Zhang,Wenyuan Xu,Qiang Xu

DOI: https://doi.org/10.1145/2976749.2978299

2016-01-01

Abstract:With the proliferation of Internet of Things, there is a growing interest in embedded system attacks, e.g., key extraction attacks and firmware modification attacks. Code execution tracking, as the first step to locate vulnerable instruction pieces for key extraction attacks and to conduct control-flow integrity checking against firmware modification attacks, is therefore of great value. Because embedded systems, especially legacy embedded systems, have limited resources and may not support software or hardware update, it is important to design low-cost code execution tracking methods that require as little system modification as possible. In this work, we propose a non-intrusive code execution tracking solution via power-side channel, wherein we represent the code execution and its power consumption with a revised hidden Markov model and recover the most likely executed instruction sequence with a revised Viterbi algorithm. By observing the power consumption of the microcontroller unit during execution, we are able to recover the program execution flow with a high accuracy and detect abnormal code execution behavior even when only a single instruction is modified.

Baolei Mao,Wei Hu,Alric Althoff,Janarbek Matai,Yu Tai,Dejun Mu,Timothy Sherwood,Ryan Kastner

DOI: https://doi.org/10.1109/tcad.2017.2768420

IF: 2.9

2018-01-01

IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems

Abstract:Cryptographic cores are known to leak information about their private key due to runtime variations, and there are many well-known attacks that can exploit this timing channel. In this paper, we study how information theoretic measures can quantify the amount of key leakage that can be exacted from runtime measurements. We develop and analyze 22 Rivest-Shamir-Adleman (RSA) hardware designs-each with unique performance optimizations, timing channel mitigation techniques, or discretization/randomization countermeasures. We demonstrate the effectiveness of information theoretic measures for quantifying timing leakage through correlation analysis of information theoretic measurements and attack results. Experimental results show that mutual information is a promising technique for quantifying timing leakage for RSA, advanced encryption standard, and elliptic curve cryptography ciphers, i.e., the mutual information correlates to being able to successfully guess the value of the private key. This is an important step toward a hardware security metric which allows designers to reason about security alongside traditional hardware design metrics like area, performance, and power.

Pol Van Aubel,Kostas Papagiannopoulos,Łukasz Chmielewski,Christian Doerr

DOI: https://doi.org/10.48550/arXiv.1712.05745

2017-12-16

Abstract:Industrial Control Systems are under increased scrutiny. Their security is historically sub-par, and although measures are being taken by the manufacturers to remedy this, the large installed base of legacy systems cannot easily be updated with state-of-the-art security measures. We propose a system that uses electromagnetic side-channel measurements to detect behavioural changes of the software running on industrial control systems. To demonstrate the feasibility of this method, we show it is possible to profile and distinguish between even small changes in programs on Siemens S7-317 PLCs, using methods from cryptographic side-channel analysis.

Cryptography and Security

Yu Jin,Pengfei Qiu,Chunlu Wang,Yihao Yang,Dongsheng Wang,Gang Qu

2023-04-21

Abstract:The transient execution attack is a type of attack leveraging the vulnerability of modern CPU optimization technologies. New attacks surface rapidly. The side-channel is a key part of transient execution attacks to leak data. In this work, we discover a vulnerability that the change of the EFLAGS register in transient execution may have a side effect on the Jcc (jump on condition code) instruction after it in Intel CPUs. Based on our discovery, we propose a new side-channel attack that leverages the timing of both transient execution and Jcc instructions to deliver data. This attack encodes secret data to the change of register which makes the execution time of context slightly slower, which can be measured by the attacker to decode data. This attack doesn't rely on the cache system and doesn't need to reset the EFLAGS register manually to its initial state before the attack, which may make it more difficult to detect or mitigate. We implemented this side-channel on machines with Intel Core i7-6700, i7-7700, and i9-10980XE CPUs. In the first two processors, we combined it as the side-channel of the Meltdown attack, which could achieve 100\% success leaking rate. We evaluate and discuss potential defenses against the attack. Our contributions include discovering security vulnerabilities in the implementation of Jcc instructions and EFLAGS register and proposing a new side-channel attack that does not rely on the cache system.

Cryptography and Security

JIN Wei,LI Ming-lu,WENG Chu-liang

DOI: https://doi.org/10.3969/j.issn.1000-3428.2011.15.036

2011-01-01

Abstract:This paper aims to explore the security of the Virtual Machine Monitor(VMM),combined with open source virtualization software Xen to analyze the potential threats and vulnerabilities,such as tampering with hypercalls,malicious direct memory access.It designs and implements a way to undermine the stability of virtual machine by modifying VCPU state and meanwhile give countermeasures,such as verifying critical data structures to discover whether it is invaded,or forbidding the loading of module to eliminate all possible security risks posed by the module.

Stien Vanderhallen,Jo Van Bulck,Frank Piessens,Jan Tobias Mühlberg

DOI: https://doi.org/10.1016/j.comnet.2021.108079

IF: 5.493

2021-07-01

Computer Networks

Abstract:<p>Automotive control networks offer little resistance against security threats that come with the long-range connectivity in modern cars. Remote attacks that undermine the safety of vehicles have been shown to be practical. A range of security mechanisms have been proposed to harden resource-constrained embedded microcontrollers against malicious interference, including cryptographic protocols that establish the authenticity of in-vehicle message exchange. However, authenticated communication comes with repercussions on deployability and vehicle safety in terms of reliability, real-time compliance, backwards compatibility, and bandwidth and resource use.</p><p>In this article we investigate benign, defencive uses of <em>covert channels</em> to implement and support vehicular message authentication mechanisms as a transparent, resource-conserving approach to automotive network security. We provide the first comprehensive evaluation of covert channels in Controller Area Networks (CAN) with respect to the attainable bandwidth and reliability of covert communication. Our analysis identifies timing-based covert channels as candidates to design a <em>complementary</em> nonce synchronisation channel that can enhance robustness against message loss in existing authentication schemes. We practically implement and evaluate this design on top of an open-source authenticated CAN communication library, showing that covert timing channels can improve communication robustness in benign circumstances, while not reducing the security guarantees of the underlying authentication primitives when under attack.</p>

computer science, information systems,telecommunications,engineering, electrical & electronic, hardware & architecture

Ronny Chevalier,Maugan Villatel,David Plaquin,Guillaume Hiet

DOI: https://doi.org/10.1145/3134600.3134622

2018-03-07

Abstract:Highly privileged software, such as firmware, is an attractive target for attackers. Thus, BIOS vendors use cryptographic signatures to ensure firmware integrity at boot time. Nevertheless, such protection does not prevent an attacker from exploiting vulnerabilities at runtime. To detect such attacks, we propose an event-based behavior monitoring approach that relies on an isolated co-processor. We instrument the code executed on the main CPU to send information about its behavior to the monitor. This information helps to resolve the semantic gap issue. Our approach does not depend on a specific model of the behavior nor on a specific target. We apply this approach to detect attacks targeting the System Management Mode (SMM), a highly privileged x86 execution mode executing firmware code at runtime. We model the behavior of SMM using invariants of its control-flow and relevant CPU registers (CR3 and SMBASE). We instrument two open-source firmware implementations: EDK II and coreboot. We evaluate the ability of our approach to detect state-of-the-art attacks and its runtime execution overhead by simulating an x86 system coupled with an ARM Cortex A5 co-processor. The results show that our solution detects intrusions from the state of the art, without any false positives, while remaining acceptable in terms of performance overhead in the context of the SMM (i.e., less than the 150 $\mu$s threshold defined by Intel).

Cryptography and Security