REHAD: Using Low-Frequency Reconfigurable Hardware for Cache Side-Channel Attacks Detection

International audience Cache side-channel attacks consist, for a malicious process, to infer the current state of the cache by measuring the time it takes to access the memory, and indirectly gain knowledge about other processes sharing this same physical cache. Because cache side-channel attacks le...

Full description

Bibliographic Details
Main Authors: Mao, Yuxiao, Migliore, Vincent, Nicomette, Vincent
Other Authors: Équipe Tolérance aux fautes et Sûreté de Fonctionnement informatique (LAAS-TSF), Laboratoire d'analyse et d'architecture des systèmes (LAAS), Université Toulouse Capitole (UT Capitole), Université de Toulouse (UT)-Université de Toulouse (UT)-Institut National des Sciences Appliquées - Toulouse (INSA Toulouse), Institut National des Sciences Appliquées (INSA)-Université de Toulouse (UT)-Institut National des Sciences Appliquées (INSA)-Université Toulouse - Jean Jaurès (UT2J), Université de Toulouse (UT)-Université Toulouse III - Paul Sabatier (UT3), Université de Toulouse (UT)-Centre National de la Recherche Scientifique (CNRS)-Institut National Polytechnique (Toulouse) (Toulouse INP), Université de Toulouse (UT)-Université Toulouse Capitole (UT Capitole), Université de Toulouse (UT)
Format: Conference Object
Language:English
Published: HAL CCSD 2020
Subjects:
Online Access:https://laas.hal.science/hal-02949624
https://laas.hal.science/hal-02949624/document
https://laas.hal.science/hal-02949624/file/Mao%20et%20al.%20-%202020%20-%20REHAD%20Using%20Low-Frequency%20Reconfigurable%20Hardware.pdf
https://doi.org/10.1109/EuroS&PW51379.2020.00100
Description
Summary:International audience Cache side-channel attacks consist, for a malicious process, to infer the current state of the cache by measuring the time it takes to access the memory, and indirectly gain knowledge about other processes sharing this same physical cache. Because cache side-channel attacks leverage a hardware leakage without requiring any physical access to the devices, they represent very serious threats. Among the runtime detection techniques for cache side-channel attacks, hardware solutions are usually fine-grained and benefit from less performance overhead than software solutions. However, they are not flexible enough to suit the rapid evolution and appearance of software attacks. In this paper we describe REHAD, a novel attack detection architecture that uses reconfigurable hardware. More precisely, it includes a hardware detection module that can be reconfigured by means of a trusted software kernel, to adapt to the level of threats and to detect new attacks. This architecture also benefits from hardware parallelism to fill the frequency gap between reconfigurable hardware and core processor. REHAD has been integrated into the ORCA softcore RISC-V on a FPGA and two common cache side-channel attacks have been successfully detected.