Core-private caches offer a convenient and practical way to exfiltrate secret information, and thus endanger ICT systems, including CIs. Attacks that abuse the caches as covert channels are hard to detect, as the caches are easily accessible without any privileges. To address this threat and enhance security in CIs and other ICT systems, we propose the use of feasibility metrics to assess the probability of a covert channel exploit happening in the system, or to conduct post-mortem analysis. The proposed feasibility metrics can be derived using hardware performance counters, and represent a lightweight way to reason about the possible covert channel threat. To validate our proposal, we demonstrate the applicability of the proposed metrics by conducting experiments with an L1 CCA across varied scenarios. Our results show that busy waiting and the successive scheduling of the processes can reliably be correlated with the success of a covert-channel exploit using the L1 cache. The proposed metrics help to systematically ascertain efficient ways to address such exploits and to facilitate security enhancement in ICT systems, including CIs.
Protecting Cloud-based CIs: Covert Channel Vulnerabilities at the Resource Level
The work described in this website has been conducted within the project NeCS. This project has received funding from the European Union’s Horizon 2020 (H2020) research and innovation programme under the Grant Agreement no 675320. This website and the content displayed in it do not represent the opinion of the European Union, and the European Union is not responsible for any use that might be made of its content.
Author (ESR):
Salman Manzoor (Technische Universitaet Darmstadt)