Processor caches and memory chips are hardware components used by
all software programs on a computer system. They are designed, and
thereafter fine-tuned over the years, for better performance and
power efficiency, but not for strong isolation between mutually
distrustful software programs. However, the modern computing paradigm
has been shifting towards resource sharing without full trust: in
multi-tenant public clouds, virtual machines controlled by
different customers are scheduled to run on the same cloud servers;
in mobile devices, untrusted third-party apps, though isolated
using sandboxes, share the same devices with sensitive apps. Our
research question is whether sharing of memory resources will
introduce new security threats to these systems.



In this talk, we highlight a type of security threat that we call
cache-memory attacks. These attacks are possible due to
insufficient isolation in hardware memory resources (e.g., various
levels of caches, memory controllers, buses and chips) that
are shared between malevolent and sensitive software programs. We
coin cache-memory attacks as an umbrella term for side-channel
attacks (i.e., confidentiality attacks), row-hammer attacks (i.e.,
integrity attacks) and resource contention attacks (i.e.,
availability attacks). We will discuss the root vulnerabilities of
these attacks and their exploitation in the context of clouds and
mobile devices. We will also cover some defense techniques against
these attacks that we have developed over the past few years.