Go to ICC 2020 homepageDegradeTimer: Mitigating Dedicated Thread Timer based Microarchitectural Timing Channels
Abstract: Microarchitectural timing channels, e.g., timing-based side channels or covert channels, endanger victims' data confidentiality by accurately measuring the time difference of accessing shared microarchitectural resources (e.g., cache and DRAM). Lowering the accuracy of such timers is a feasible and widely discussed direction for mitigating such channels. However, few solutions have paid attentions to the special dedicated thread timer, which measures the time by utilizing a dedicated thread to increment a time counter in an endless loop.In this paper, we present a novel approach, DegradeTimer, to degrade the dedicated thread timer. It first eliminates local cache sharing between the attacker thread and the timer thread in case the CPU's hyper-threading feature is enabled, by modifying Linux kernel's thread scheduling policy to enforce that any two threads sharing writable memory are dispatched to different physical cores. Then, it applies two novel cache coherence protocols, M-MESI and M-MOSEI, to randomly delay responses to remote cache requests. In this way, the attacker thread and the timer thread are dispatched to different cores and provided with fuzzy cache time transmission. We have implemented a prototype of DegradeTimer for both x86 and ARM architecture using the Linux kernel and the gem5 full system simulator. The evaluation results show that DegradeTimer provides a strong security guarantee against microarchitectural timing channels. Furthermore, the performance overhead introduced by DegradeTimer is less than 6%.
0 Replies
Loading