RSPP: Restricted Static Pseudo-Partitioning for Mitigation of Cross-Core Covert Channel Attacks

Abstract

Cache timing channel attacks exploit the inherent properties of cache memories: hit and miss time along with the shared nature of the cache to leak secret information. The side channel and covert channel are the two well-known cache timing channel attacks. In this article, we propose Restricted Static Pseudo-Partitioning (RSPP), an effective partition-based mitigation mechanism that restricts the cache access of only the adversaries involved in the attack. It has an insignificant impact of only 1% in performance, as the benign processes have access to the full cache and restrictions are limited only to the suspicious processes and cache sets. It can be implemented with a maximum storage overhead of 1.45% of the total Last-Level Cache (LLC) size. This article presents three variations of the proposed attack mitigation mechanism: RSPP, simplified-RSPP (S-RSPP) and corewise-RSPP (C-RSPP) with different hardware overheads. A full system simulator is used for evaluating the performance impact of RSPP. A detailed experimental analysis with different LLC and attack parameters is also discussed. RSPP is also compared with the existing defense mechanisms effective against cross-core covert channel attacks.