Mitigating Cross-Core Cache Attacks via Suspicious Traffic Detection

Abstract

Continuous Attacks are common cross-core cache side-channel attack scenarios that we observed, where adversaries frequently probe-target cache lines in a short time. Under Continuous Attacks, the attacked lines go through multiple load-evict processes between different cache (or memory) hierarchies, exhibiting Ping-Pong patterns. Identifying and obscuring these abnormal patterns effectively interfere with the attacker's probe and mitigate such attacks. Our recent proposal, Ping-Pong regulator (PPR), captures multiple Ping-Pong patterns by counting the reaccesses per cache line and blocks them with different obscuring actions (preload or lock). Although PPR mitigates Continuous Attacks, the added regulator directory (RDir) is vulnerable because it cannot record all cache lines simultaneously. Sophisticated attackers can evict the records of the attacked line from the RDir to avoid triggering defensive actions, thereby bypassing PPR. To improve robustness, we further propose PPR+, which dynamically changes the mapping of physical addresses to RDir locations by encryption and periodically changing keys. This randomness makes it difficult for attackers to evict target entries out of the RDir within a limited time. We show that PPR+ tolerates more than 100 years of attacks, induces negligible performance impacts (improves 0.13%), requires acceptable storage overhead (3.15%), and does not need any software support.