IRIS

We present a kernel-level infrastructure that allows system-wide detection of malicious applications attempting to exploit cache-based side-channel attacks to break the process confinement enforced by standard operating systems. This infrastructure relies on hardware performance counters to collect information at runtime from all applications running on the machine. High-level detection metrics are derived from these measurements to maximize the likelihood of promptly detecting a malicious application. Our experimental assessment shows that we can catch a large family of side-channel attacks with a significantly reduced overhead. We also discuss countermeasures that can be enacted once a process is suspected of carrying out a side-channel attack to increase the overall tradeoff between the system’s security level and the delivered performance under non-suspected process executions.

Carnà, S., Ferracci, S., Quaglia, F., Pellegrini, A. (2022). Fight Hardware with Hardware: System-wide Detection and Mitigation of Side-Channel Attacks using Performance Counters. DIGITAL THREATS.

Fight Hardware with Hardware: System-wide Detection and Mitigation of Side-Channel Attacks using Performance Counters

Quaglia Francesco;Pellegrini Alessandro
2022-01-01

Abstract

We present a kernel-level infrastructure that allows system-wide detection of malicious applications attempting to exploit cache-based side-channel attacks to break the process confinement enforced by standard operating systems. This infrastructure relies on hardware performance counters to collect information at runtime from all applications running on the machine. High-level detection metrics are derived from these measurements to maximize the likelihood of promptly detecting a malicious application. Our experimental assessment shows that we can catch a large family of side-channel attacks with a significantly reduced overhead. We also discuss countermeasures that can be enacted once a process is suspected of carrying out a side-channel attack to increase the overall tradeoff between the system’s security level and the delivered performance under non-suspected process executions.
2022
In corso di stampa
Rilevanza internazionale
Articolo
Esperti anonimi
Settore ING-INF/05 - SISTEMI DI ELABORAZIONE DELLE INFORMAZIONI
English
side-channel attack; covert channel; detection; mitigation; hardware performance counters; operating systems
Carnà, S., Ferracci, S., Quaglia, F., Pellegrini, A. (2022). Fight Hardware with Hardware: System-wide Detection and Mitigation of Side-Channel Attacks using Performance Counters. DIGITAL THREATS.
Carnà, S; Ferracci, S; Quaglia, F; Pellegrini, A
Articolo su rivista
01 - Articolo su rivista
File in questo prodotto:
File Dimensione Formato  
Fight_Hardware_with_Hardware__System_wide_Detection_of_Side_Channel_Attacks_using_Performance_Counters.pdf

solo utenti autorizzati

Tipologia: Documento in Post-print
Licenza: Copyright dell'editore
Dimensione 1 MB
Formato Adobe PDF
  Visualizza/Apri   Richiedi una copia
1 MB Adobe PDF   Visualizza/Apri   Richiedi una copia
3519601.pdf

solo utenti autorizzati

Tipologia: Versione Editoriale (PDF)
Licenza: Copyright dell'editore
Dimensione 1.01 MB
Formato Adobe PDF
  Visualizza/Apri   Richiedi una copia
1.01 MB Adobe PDF   Visualizza/Apri   Richiedi una copia

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2108/293776
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus ND
  • ???jsp.display-item.citation.isi??? ND
social impact