Abstract:
Caches, small-sized memory units placed near the CPU, compensate for the speed
disparity between the main memory and processor. These caches, while improving
performance, have become prime targets for cache timing channel attacks, which exploit
cache characteristics to reveal secrets to adversaries. The vulnerability stems from two key
cache properties: shared usage among different processes and the significant time difference
between a cache hit and miss. These attacks manifest as Side Channel Attacks (SCA)
to leak cryptographic keys (e.g., AES, RSA, ECDSA) and as Covert Channel Attacks
(CCA) for surreptitious communication between suspicious processes. Such attacks are
particularly stealthy in shared environments like cloud computing, where different security
domains share underlying cache hardware.
Cache partitioning-based attack prevention mechanisms address these threats by
eliminating cache sharing. However, static partitioning leads to considerable system
performance degradation due to under-utilization of cache capacity. These defenses,
focusing on SCA, are ineffective against CCA where the identity of critical data isn’t
fixed, and there is no ‘innocent victim’ process, unlike SCAs. We uncover that
dynamic partitioning methods, while solving performance issues, introduce new security
vulnerabilities. We propose two novel attacks that exploit these vulnerabilities: CPCC, a
two-core attack leveraging partitioning interference, and ACPC, a more generic multi-core
attack. These attacks were tested on an LLC with dynamic partitioning techniques such as
UCP, PIPP, CIACP, and DAAIP, with a maximum observed noise of 5.56%.
We proposed two static-partitioning-based defenses against covert channel attacks that
are performance efficient and do not become a source of new attacks. The first work,
named Targeted Pseudo Partitioning based Defense (TPPD), first detects the presence of
an attack, along with the processes and sets involved, based on the pattern of conflict
misses. TPPD then limits cross-process misses between spy and trojan based on a threshold.
Innocent processes are not modified; thus, an insignificant impact of less than 1% was
observed for TPPD. Gem5, a full system simulator, was used for these experiments. Because
TPPD operates on a process pair, it cannot protect caches against multi-spy covert
channel attacks. It can also lead to significant performance degradation and a probable
denial of service when an attack spans all sets.
In our third and final work, we proposed a targeted pseudo static partitioning that
provides protection against more sophisticated attacks. With an LRU implementation, it
has a maximum of 0.9% degradation in IPC compared to the baseline, and similar results
were observed with other replacement policies such as LFU, FCFS and SRRIP. It can
be implemented with a storage overhead of 1.45% of the total LLC size, and this overhead
can be further decreased with two design choices proposed as a part of this work.