Abstract
Cache side channel attacks, as a type of cryptanalysis, seriously threaten the security of the cryptosystem. These attacks continuously monitor the memory addresses associated with the victim’s secret information, which cause frequent memory access on these addresses. This paper proposes CacheHawkeye, which uses the frequent memory access characteristic of the attacker to detect attacks. CacheHawkeye monitors memory events by CPU hardware performance counters. We proved the effectiveness of CacheHawkeye on Flush+Reload and Flush+Flush attacks. In addition, we evaluated the accuracy of CacheHawkeye under different system loads. Experiments demonstrate that CacheHawkeye not only has good accuracy but can also adapt to various system loads.
Highlights
Side Channel Attacks Based onThe security of a cryptosystem can be compromised via cryptanalysis
This article focuses on cache side channel attacks that exploiting shared memory
We evaluated the performance of CacheHawkeye
Summary
The security of a cryptosystem can be compromised via cryptanalysis. Cache side channel cryptanalysis is a type of cryptanalysis. Trace-driven attacks include Flush+Reload [2] and Flush+Flush [3] These two attacks take advantage of shared memory technology and leverage the L3 cache as a side channel for data leakage. Oliverio et al [6] changed shared page from copy-on-write to copy-on-access to prohibit attackers and victims from sharing memory These countermeasures require major modifications to hardware and operating system. This article focuses on cache side channel attacks that exploiting shared memory To detect such attacks, we design CacheHawkeye. To the best of our knowledge, this is the first time memory events have been used to detect cache side channel attacks These attacks infer the victim’s privacy by continuously monitoring specific memory addresses, which generate frequent memory access on the specific memory addresses. CacheHawkeye provides good accuracy, and adapts to different system loads
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.