Efficient and Verifiable Timing Channel Protection for Multi-Core Processors
| dc.contributor.author | Wang, Yao | |
| dc.contributor.chair | Suh, Gookwon Edward | |
| dc.contributor.committeeMember | Myers, Andrew C. | |
| dc.contributor.committeeMember | Batten, Christopher | |
| dc.date.accessioned | 2017-04-04T20:28:22Z | |
| dc.date.available | 2017-04-04T20:28:22Z | |
| dc.date.issued | 2017-01-30 | |
| dc.description.abstract | Modern computing systems are becoming increasingly vulnerable to timing channel attacks that leak confidential information through the timing of microarchitectural events. Many timing channel attacks are caused by the interference between different programs in the shared resources of a multi-core processor. For example, an attacker program's cache lines can be evicted by a victim program, which allows the attacker to infer secret information about the victim. Timing channel attacks pose serious threats to contemporary computing systems because they can bypass traditional defense mechanisms such as access control. Previous studies have even demonstrated a practical timing channel attack to recover the keystrokes of a user in the commercial Amazon EC2 cloud. In this thesis, we explored new timing channel attacks and developed timing channel protection schemes for some of the hardware resources in a multi-core processor. Specifically, we discovered new timing channel attacks in the shared on-chip networks and memory controllers. We proposed multiple protection mechanisms for on-chip networks, caches and memory controllers. Our protection schemes cover three high-level approaches: bi-directional protections, uni-directional protections and protections that trade off security for performance. We evaluate our protection schemes and show that the proposed schemes are effective against timing channel attacks while achieving performance improvements over previous protection schemes. Finally, we implemented some of the protection mechanisms in RTL and used SecVerilog to verify the information flow control in hardware. The results show that the protection mechanisms indeed remove timing channels at the gate level. | |
| dc.identifier.doi | https://doi.org/10.7298/X49K487W | |
| dc.identifier.other | Wang_cornellgrad_0058F_10146 | |
| dc.identifier.other | http://dissertations.umi.com/cornellgrad:10146 | |
| dc.identifier.other | bibid: 9906125 | |
| dc.identifier.uri | https://hdl.handle.net/1813/47878 | |
| dc.language.iso | en_US | |
| dc.subject | Computer engineering | |
| dc.subject | Computer science | |
| dc.subject | Computer Architecture | |
| dc.subject | Memory Controller | |
| dc.subject | Security | |
| dc.subject | SecVerilog | |
| dc.subject | Timing Channel | |
| dc.subject | cache | |
| dc.title | Efficient and Verifiable Timing Channel Protection for Multi-Core Processors | |
| dc.type | dissertation or thesis | |
| dcterms.license | https://hdl.handle.net/1813/59810 | |
| thesis.degree.discipline | Electrical and Computer Engineering | |
| thesis.degree.grantor | Cornell University | |
| thesis.degree.level | Doctor of Philosophy | |
| thesis.degree.name | Ph. D., Electrical and Computer Engineering |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- Wang_cornellgrad_0058F_10146.pdf
- Size:
- 2.82 MB
- Format:
- Adobe Portable Document Format