Sherlock Holmes of Cache Side-Channel Attacks in Intel's x86 Architecture

Maria Mushtaq 1 Ayaz Akram 2 Muhammad Khurram Bhatti Usman Ali Vianney Lapotre 1 Guy Gogniat 1
1 Lab-STICC_UBS_CACS_MOCS
Lab-STICC - Laboratoire des sciences et techniques de l'information, de la communication et de la connaissance
Abstract : Intel's x86 architecture has been exposed to high resolution and stealthy cache side channel attacks (CSCAs) over past few years. In this paper, we present a novel technique to detect CSCAs on Intel's x86 architecture. The proposed technique comprises of multiple machine learning models that use real-time behavioral data of concurrent processes collected through Hardware Performance Counters (HPCs). In this work, we demonstrate that machine learning models, when coupled with intelligent performance monitoring of concurrent processes at hardware-level, can be used in security for early-stage detection of high precision and stealthier CSCAs. We provide extensive experiments with four variants of the state-of-the-art CSCAs. We demonstrate that our proposed technique is resilient to noise generated by the system under various loads. To do so, we provide results under realistic system load conditions with an evaluation metric comprising of detection accuracy, speed, system-wide performance overhead and confusion matrix for machine learning models. In experiments, our technique achieves detection accuracy of up to 99.51% for Flush+Reload attack on RSA, incurring a performance overhead of 1.63% and 99.99% accuracy on AES while incurring a maximum performance overhead of 8.28%. Our experimental results show consistency for Flush+Flush attack on different implementations of AES as well.
Complete list of metadatas

Cited literature [33 references]  Display  Hide  Download

https://hal.archives-ouvertes.fr/hal-02151838
Contributor : Maria Mushtaq <>
Submitted on : Monday, June 10, 2019 - 1:57:30 PM
Last modification on : Thursday, January 23, 2020 - 2:50:17 PM

File

IEEE-CNS-2019.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-02151838, version 1

Citation

Maria Mushtaq, Ayaz Akram, Muhammad Khurram Bhatti, Usman Ali, Vianney Lapotre, et al.. Sherlock Holmes of Cache Side-Channel Attacks in Intel's x86 Architecture. IEEE-Communications and Network Security, Jun 2019, Washington DC, United States. ⟨hal-02151838⟩

Share

Metrics

Record views

297

Files downloads

234