### THE GEORGE WASHINGTON UNIVERSITY WASHINGTON, DC

# Hardware-based Cache Auditing to Aid Cache Timing Channel Detection\*

### 1. Background

- Timing channel attacks illicitly leak sensitive secrets to malicious parties
  - In *covert* channels, Trojan (sender) and Spy (receiver) collude to subvert system security policy
  - In *side* channels, a benign victim unknowingly leaks sensitive data to a malicious spy

### 2. Cache Timing Channel Attacks




- Cache timing channels are extremely stealthy
- Very challenging to detect due to various communication protocols involved (parallel, serial; single group/multiple groups etc.)

## 3. Existing Detections and Motivation

- Software-based detection mechanism<sup>[1]</sup>
  - Based on high level statistics from Performance Counters (LLC misses)
  - No need for architecture supports
  - May be subject to high false negatives/positives
- Hardware-based detection mechanism<sup>[2]</sup>
  - Finer-grained statistics and higher effectiveness
  - Do not provide high coverage and/or incur non-trivial overheads
- A solution that captures the fundamental characteristic of cache timing channels (high coverage) with minimal design cost.

Fan Yao, Hongyu Fang, Guru Venkataramani and Miloš Doroslovački The George Washington University | Washington, DC

## 4. Hardware-based Cache Auditing

### Capture the building block for communicating secrets on caches

- Cache conflicts occur at set level
- To ensure conflicts, Trojan and/or Spy have to fill all the ways in a targeted set


- *Capture the atomic communicating semantic*: Spy access $\rightarrow$ Trojan fill (full way occupancy) $\rightarrow$ Spy access (full occupancy destroyed)
- in the spy (or vice versa), **WOE**
- to eliminate the events



All figures show the breakdown of way occupancy on a single hot set for the four applications running on distinct cores.



[Figure panels: x-axis Trigger Ratio (0~1.0, bin width 0.02), y-axis in percent (0% to 100%). Panel labels: SPEC2006 wd: (bzip2, lbm, hmmer, namd); SPEC2006 wd: (Gems, h264r, omn, xala)]



**Track a single event**: when the Trojan's full way occupancy is destroyed

No reliance on communication protocol modeling, which is fundamentally hard

## 5. System Design & Exp. Setup

Cache Auditing Design Overview

- Bookkeeping ownership of cache lines (a few extra bits, may already be maintained by modern processors)
- Recording WOE occurrence for each pair (e.g., a pair of cores)
- Interfacing with Operating System. Provide statistics for further diagnosis
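
A small software model of the bookkeeping described in this overview, as an added example (not the authors' hardware design or code): one cache set with per-line owner ids and a per-pair WOE counter. The LRU replacement policy, the 4-way set, all class and function names, and both constructed traces are assumptions.

```python
from collections import Counter, OrderedDict

class AuditedSet:
    """One cache set whose lines carry an owner id (assumed: LRU replacement)."""

    def __init__(self, ways=4):
        self.ways = ways
        self.lines = OrderedDict()  # tag -> owner core, least recently used first
        self.woe = Counter()        # (core that held every way, evicting core) -> count

    def full_owner(self):
        """Return the core that currently owns all ways of the set, else None."""
        if len(self.lines) < self.ways:
            return None
        owners = set(self.lines.values())
        return owners.pop() if len(owners) == 1 else None

    def access(self, core, tag):
        """Apply one access; return True when it destroys a full way occupancy."""
        if tag in self.lines:               # hit: only the LRU order changes
            self.lines.move_to_end(tag)
            return False
        holder = self.full_owner()          # ownership state before the fill
        if len(self.lines) == self.ways:
            self.lines.popitem(last=False)  # evict the LRU line
        self.lines[tag] = core
        if holder is not None and holder != core:
            self.woe[(holder, core)] += 1   # WOE recorded for this pair of cores
            return True
        return False

def audit(trace, ways=4):
    """Replay (core, tag) accesses on one set and return the per-pair WOE counts."""
    cache_set = AuditedSet(ways)
    for core, tag in trace:
        cache_set.access(core, tag)
    return cache_set.woe

def channel_trace(rounds, ways=4):
    """Constructed trace: core 0 fills every way, then core 1 does, repeatedly."""
    trace = []
    for _ in range(rounds):
        trace += [(0, f"T{i}") for i in range(ways)]
        trace += [(1, f"S{i}") for i in range(ways)]
    return trace

def benign_trace(rounds):
    """Constructed trace: cores 2 and 3 alternate, so neither ever owns every way."""
    return [(2 + i % 2, f"c{2 + i % 2}-line{(i // 2) % 3}") for i in range(8 * rounds)]
```

On the constructed channel trace the counters for the pair of cores 0 and 1 grow with every round, while the alternating trace records no WOE at all.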

### Experimental Setup

- All experiments run with cycle-accurate simulation on Gem5
- Simulate a 4-core OoO processor with 32KB private L1 Caches and one shared 512KB L2 Cache
- Full system mode with Linux kernel version 2.6.32

## 7. WOE Statistics







Way occupancy bookkeeping

### 8. Conclusion

- We observed a way occupancy event that is fundamentally related to cache channel attacks.
- We proposed a cache auditor that collects WOE statistics to aid cache channel detection.
- Our results showed that the proposed method is effective in identifying cache timing channels.
- [1] M. Chiappetta, S. Erkay, and C. Yilmaz. "Real time detection of cache-based side-channel attacks using hardware performance counters." Applied Soft Computing, 2016.
- [2] J. Chen and G. Venkataramani. "CC-hunter: Uncovering covert timing channels on shared processor hardware." MICRO, 2014.

\* This work was supported in part by Semiconductor Research Corporation (SRC).