跳到主要內容

臺灣博碩士論文加值系統

(18.97.14.81) 您好!臺灣時間:2025/01/21 14:12
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

: 
twitterline
研究生:林元泰
研究生(外文):Lin, Yuan-Tai
論文名稱:一個基於超過兩個群組的安全動態快取記憶體配置方法
論文名稱(外文):M-parties partitioning : A Secure Dynamic Cache Partitioning by More Than Two Parties
指導教授:黃婷婷黃婷婷引用關係
指導教授(外文):Hwang, Ting-Ting
口試委員:吳中浩劉一宇
口試委員(外文):Wu, Chung-HawLiu, Yi-Yu
口試日期:2022-07-21
學位類別:碩士
校院名稱:國立清華大學
系所名稱:資訊系統與應用研究所
學門:電算機學門
學類:系統設計學類
論文種類:學術論文
論文出版年:2022
畢業學年度:110
語文別:英文
論文頁數:57
中文關鍵詞:硬體安全快取記憶體分群
外文關鍵詞:Hardware securityCachePartitioning
相關次數:
  • 被引用被引用:0
  • 點閱點閱:183
  • 評分評分:
  • 下載下載:15
  • 收藏至我的研究室書目清單書目收藏:0
多核處理器已經被大量運用在現代的電子產品中,為了增加各個核心中的處理程序的執行效率,最底層快取可以被所有核心取用且處理程序不需要特殊權限就可以改變快取的狀態。因此,這個最底層快取的漏洞被許多應用快取的旁路攻擊利用,造成一個領域的機密資料被洩漏至另一個領域。

快取記憶體配置是應用快取的旁路攻擊的解決方法之一,動態配置的效率比靜態配置來的出色,但會遭受到根據快取分配結果來推論出機密資料的攻擊方法所攻擊。因此,許多具安全性的動態配置方法被提出並用來保護機密資料,這些方法透過不將機密程式的快取需求納入配置的演算法,藉此從快取分配結果上保護機密程式。

我們提出了一個基於超過兩個群組的安全動態快取記憶體配置方法,我們的方法將所有程式的快取需求納入產生快取分配結果的考量。如果系統有安全考量,我們的方法會啟動一個虛擬程式藉以混肴產生出來的快取分配結果。實驗結果顯示我們的方法對於靜態配置達到4.3\%的效率提升並在虛擬程式啟動時表現得比另一個具安全性的動態配置來得優秀。
In nowadays, multi-core processors are widely used in modern designs. To improve the performance of processes by all cores, the last-level cache (LLC) is shared by processes and processes can change the state of LLC without privileged permission. Therefore, a number of cache-based side channel attacks were proposed to exploit the vulnerability of LLC to leak confidential information of one domain to another domain.

Cache partitioning is a countermeasure to the cache-based side channel attacks. Dynamic cache partitioning has better performance than static cache partitioning, but suffers from the attacks that deduce the confidential information from cache allocations. Hence, several secure dynamic cache partitioning mechanisms are proposed to protect the confidential information by excluding the cache demands of confidential applications from partitioning mechanisms.

We present the M-parties partitioning, a dynamic cache partitioning that utilize all cache demands of involved applications to generate cache allocations. The M-parties partitioning activates the Dummy application to obfuscate the patterns of cache allocations if the system is in the security concerned. The evaluation results show that the M-parties partitioning achieves 4.3\% improvement over static cache partitioning when the Dummy application is deactivated and performs better than another secure cache partitioning mechanism when the Dummy application is activated.
1 Introduction 1
2 Previous Work 5
2.1 Cache-based side channel attacks . . . . . . . . . . . . . . . . . . . . . . . . . 5
2.1.1 Cache timing channel attacks . . . . . . . . . . . . . . . . . . . . . . . 6
2.1.2 Spectre-liked attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.1.3 Covert channel attacks . . . . . . . . . . . . . . . . . . . . . . . . . . 8
2.2 Cache side channel attack solutions . . . . . . . . . . . . . . . . . . . . . . . 9
2.2.1 Randomize the memory-to-cache mapping . . . . . . . . . . . . . . . 10
2.2.2 Protect cache timing information by cache partitioning . . . . . . . . . 10
3 Motivation 13
4 Secure Dynamic Cache Partition 17
4.1 Threat model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
4.2 Security policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
4.3 Security proof of 3-party system . . . . . . . . . . . . . . . . . . . . . . . . . 19
5 Secure Cache Shared by More Than Two Parties 23
5.1 System overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
5.2 Mapping 2-party system to 3-party system by Dummy application . . . . . . . 25
5.3 Partitioning algorithm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
5.3.1 Dummy activation controller . . . . . . . . . . . . . . . . . . . . . . . 29
5.3.2 Utility monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
5.3.3 Minimum loss controlling function . . . . . . . . . . . . . . . . . . . 33
5.3.4 Maximum gain controlling function . . . . . . . . . . . . . . . . . . . 35
5.4 The way allocation function and replacement policy . . . . . . . . . . . . . . . 36
6 Experimental Results 39
6.1 Experimental setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
6.2 Benchmark categorization and workload generation . . . . . . . . . . . . . . . 39
6.3 Performance evaluation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
6.4 Analysis on cache allocations . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
iii
6.5 Comparisons with other secure dynamic cache partition mechanism . . . . . . 48
6.6 M-parties partitioning in real world . . . . . . . . . . . . . . . . . . . . . . . . 48
7 Conclusions 53
References 55
[1] Y. Yarom and K. E. Falkner, “Flush+reload: a high resolution, low noise, l3 cache side-
channel attack.,” IACR Cryptology ePrint Archive, vol. 2013, p. 448, 2013.
[2] C. Tang, P. Liu, C. Ma, Z. Liu, and J. Ge, “Flush+time: A high accuracy and high resolu-
tion cache attack on arm-fpga embedded soc,” in 2020 IEEE 38th VLSI Test Symposium
(VTS), pp. 1–6, 2020.
[3] M. Lipp, D. Gruss, R. Spreitzer, C. Maurice, and S. Mangard, “ARMageddon: Cache
attacks on mobile devices,” in 25th USENIX Security Symposium (USENIX Security
16), (Austin, TX), pp. 549–564, USENIX Association, Aug. 2016.
[4] D. Gullasch, E. Bangerter, and S. Krenn, “Cache games – bringing access-based cache
attacks on aes to practice,” in 2011 IEEE Symposium on Security and Privacy, pp. 490–
505, 2011.
[5] F. Liu, Y. Yarom, Q. Ge, G. Heiser, and R. B. Lee, “Last-level cache side-channel attacks
are practical,” in 2015 IEEE Symposium on Security and Privacy, pp. 605–622, 2015.
[6] P. Kocher, J. Horn, A. Fogh, D. Genkin, D. Gruss, W. Haas, M. Hamburg, M. Lipp,
S. Mangard, T. Prescher, M. Schwarz, and Y. Yarom, “Spectre attacks: Exploiting spec-
ulative execution,” Commun. ACM, vol. 63, p. 93–101, jun 2020.
[7] M. Lipp, M. Schwarz, D. Gruss, T. Prescher, W. Haas, A. Fogh, J. Horn, S. Mangard,
P. Kocher, D. Genkin, Y. Yarom, and M. Hamburg, “Meltdown: Reading kernel memory
from user space,” in 27th USENIX Security Symposium (USENIX Security 18), (Balti-
more, MD), pp. 973–990, USENIX Association, Aug. 2018.
[8] A. Agarwal, J. Kaur, and S. Das, “Exploiting secrets by leveraging dynamic cache par-
titioning of last level cache,” in 2021 Design, Automation Test in Europe Conference
Exhibition (DATE), pp. 1691–1696, 2021.
[9] K. N. Khasawneh, E. M. Koruyeh, C. Song, D. Evtyushkin, D. Ponomarev, and N. Abu-
Ghazaleh, “Safespec: Banishing the spectre of a meltdown with leakage-free speculation,”
in 2019 56th ACM/IEEE Design Automation Conference (DAC), pp. 1–6, 2019.
[10] M. Yan, J. Choi, D. Skarlatos, A. Morrison, C. Fletcher, and J. Torrellas, “Invisispec:
Making speculative execution invisible in the cache hierarchy,” in 2018 51st Annual
IEEE/ACM International Symposium on Microarchitecture (MICRO), pp. 428–441, 2018.
[11] S. Ainsworth and T. M. Jones, “Muontrap: Preventing cross-domain spectre-like attacks
by capturing speculative state,” in Proceedings of the ACM/IEEE 47th Annual Interna-
tional Symposium on Computer Architecture, ISCA ’20, p. 132–144, IEEE Press, 2020.
[12] Z. Xu, L. Yin, Y. Lyu, H. Wang, G. Qu, and D. Wang, “Cacheguard: A behavior model
checker for cache timing side-channel security: (invited paper),” in 2022 27th Asia and
South Pacific Design Automation Conference (ASP-DAC), pp. 19–24, 2022.
[13] Z. Wang and R. B. Lee, “New cache designs for thwarting software cache-based side
channel attacks,” SIGARCH Comput. Archit. News, vol. 35, p. 494–505, jun 2007.
[14] F. Liu and R. B. Lee, “Random fill cache architecture,” in 2014 47th Annual IEEE/ACM
International Symposium on Microarchitecture, pp. 203–215, 2014.
[15] F. Liu, Q. Ge, Y. Yarom, F. Mckeen, C. Rozas, G. Heiser, and R. B. Lee, “Catalyst: Defeat-
ing last-level cache side channel attacks in cloud computing,” in 2016 IEEE International
Symposium on High Performance Computer Architecture (HPCA), pp. 406–418, 2016.
[16] G. Saileshwar, S. Kariyappa, and M. Qureshi, “Bespoke cache enclaves: Fine-grained
and scalable isolation from cache side-channels via flexible set-partitioning,” in 2021 In-
ternational Symposium on Secure and Private Execution Environment Design (SEED),
pp. 37–49, 2021.
[17] M. K. Qureshi and Y. N. Patt, “Utility-based cache partitioning: A low-overhead, high-
performance, runtime mechanism to partition shared caches,” in 2006 39th Annual
IEEE/ACM International Symposium on Microarchitecture (MICRO’06), pp. 423–432,
2006.
[18] V. Kiriansky, I. Lebedev, S. Amarasinghe, S. Devadas, and J. Emer, “Dawg: A defense
against cache timing attacks in speculative execution processors,” in 2018 51st Annual
IEEE/ACM International Symposium on Microarchitecture (MICRO), pp. 974–987, 2018.
[19] Y. Wang, A. Ferraiuolo, D. Zhang, A. C. Myers, and G. E. Suh, “Secdcp: Se-
cure dynamic cache partitioning for efficient timing channel protection,” in 2016 53nd
ACM/EDAC/IEEE Design Automation Conference (DAC), pp. 1–6, 2016.
[20] S. Sari, O. Demir, and G. Kucuk, “Fairsdp: Fair and secure dynamic cache partitioning,”
in 2019 4th International Conference on Computer Science and Engineering (UBMK),
pp. 469–474, 2019.
[21] P. Li, L. Zhao, R. Hou, L. Zhang, and D. Meng, “Conditional speculation: An effective
approach to safeguard out-of-order execution against spectre attacks,” in 2019 IEEE Inter-
national Symposium on High Performance Computer Architecture (HPCA), pp. 264–276,
2019.
[22] J. Yu, M. Yan, A. Khyzha, A. Morrison, J. Torrellas, and C. W. Fletcher, “Speculative taint
tracking (stt): A comprehensive protection for speculatively accessed data,” Commun.
ACM, vol. 64, p. 105–112, nov 2021.
[23] M. Kayaalp, K. N. Khasawneh, H. A. Esfeden, J. Elwell, N. Abu-Ghazaleh, D. Ponomarev,
and A. Jaleel, “Ric: Relaxed inclusion caches for mitigating llc side-channel attacks,” in
Proceedings of the 54th Annual Design Automation Conference 2017, DAC ’17, (New
York, NY, USA), Association for Computing Machinery, 2017.
[24] F. Yao, H. Fang, M. Doroslovaki, and G. Venkataramani, “Cotsknight: Practical defense
against cache timing channel attacks using cache monitoring and partitioning technolo-
gies,” 2019 IEEE International Symposium on Hardware Oriented Security and Trust
(HOST), pp. 121–130, 2019.
[25] Y. Guo, A. Zigerelli, Y. Zhang, and J. Yang, “Ivcache: Defending cache side channel
attacks via invisible accesses,” in Proceedings of the 2021 on Great Lakes Symposium on
VLSI, GLSVLSI ’21, (New York, NY, USA), p. 403–408, Association for Computing
Machinery, 2021.
[26] A. Cruz-Roa, A. Basavanhally, F. González, H. Gilmore, M. Feldman, S. Ganesan,
N. Shih, J. Tomaszewski, and A. Madabhushi, “Automatic detection of invasive duc-
tal carcinoma in whole slide images with convolutional neural networks,” Progress in
Biomedical Optics and Imaging - Proceedings of SPIE, vol. 9041, 02 2014.
[27] R. L. Burden and J. D. Faires, Numerical Analysis. The Prindle, Weber and Schmidt Series
in Mathematics, Boston: PWS-Kent Publishing Company, fourth ed., 1989.
[28] F. Liu, Y. Yarom, Q. Ge, G. Heiser, and R. B. Lee, “Last-level cache side-channel attacks
are practical,” in 2015 IEEE Symposium on Security and Privacy, pp. 605–622, 2015.
[29] N. Binkert, B. Beckmann, G. Black, S. K. Reinhardt, A. Saidi, A. Basu, J. Hestness, D. R.
Hower, T. Krishna, S. Sardashti, R. Sen, K. Sewell, M. Shoaib, N. Vaish, M. D. Hill, and
D. A. Wood, “The gem5 simulator,” SIGARCH Comput. Archit. News, vol. 39, p. 1–7,
aug 2011.
連結至畢業學校之論文網頁點我開啟連結
註: 此連結為研究生畢業學校所提供,不一定有電子全文可供下載,若連結有誤,請點選上方之〝勘誤回報〞功能,我們會盡快修正,謝謝!
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top