Austin Harris, Shijia Wei, Prateek Sahu, Pranav Kumar, Todd Austin, Mohit Tiwari, "Cyclone: Detecting Contention-Based Cache Information Leaks Through Cyclic Interference" Austin Harris, Shijia Wei, Prateek Sahu, Pranav Kumar, Mohit Tiwari, Todd Austin, in Proceedings of the 52nd International Symposium on Microarchitecture (MICRO).

 download pdf

Micro-architecture units like caches are notorious for leaking secrets across security domains. An attacker program can contend for on-chip state or bandwidth and can even use speculative execution in processors to drive this contention; and protecting against all contention-driven attacks is exceptionally challenging. Prior works can mitigate contention channels through caches by partitioning the larger, lower-level caches or by looking for anomalous perfor- mance or contention behavior. Neither scales to large number of fine-grained domains as required by browsers and web-services that place many domains within the same address space. We observe that cache contention channels have a unique property – contention leaks information only when it is cyclic, i.e., domain A interferes with domain B, followed by interference from B to A. We propose to use this cyclic interference property to detect micro-architectural attacks as anomalous cyclic interference. Unlike partitioning, our detection approach scales to many concurrent do- mains in a single address space; and unlike prior anomaly detectors, cyclic interference is robust to noise from benign interference. We track cyclic interference using non-intrusive detectors in an out-of-order core and stress test our prototype, Cyclone, with fine- grained isolation in browsers (against speculation-driven attacks) and coarse-grained isolation of cores (against covert-channels em- bedded in database and machine learning workloads). Full-system simulations on an ARM micro-architecture show close to perfect detection rates and 260 − 1000× lower false positives than using (state-of-the-art) contention alone, with slowdowns of only ∼3.6%.

« "Morpheus: A Vulnerability-Tolerant Secure Architecture Based on Ensembles of Moving Target Defenses with Churn" | Publications List | "Software-driven Security Attacks: From Vulnerability Sources to Durable Hardware Defenses" »


I am currently a graduate student working on a Ph.D. in Electrical & Computer Engineering in the SPARK Research Lab. I am supervised by Professor Mohit Tiwari.