论文信息 - Securing IoT/IIoT from Software Attacks Targeting Hardware Vulnerabilities

Securing IoT/IIoT from Software Attacks Targeting Hardware Vulnerabilities

The microarchitecture of modern systems become more and more complicated. This increasing complexity gives rise to a new class of attacks which uses software code and targets hardware vulnerabilities of the system microarchitectures. Software attacks targeting hardware vulnerabilities (SATHVs) gain popularity. In particular, cache side channel attacks, Spectre, and Rowhammer are serious threats. They take advantage of microarchitectural vulnerabilities to extract secret information or harm the system. As these attacks target the system’s hardware, they can avoid traditional software antivirus protections. However, they modify the normal operation of the system’s hardware. Hardware Performance Counters (HPCs) are special registers that allow counting specific hardware events. These registers can help us monitor system’s execution at hardware level and detect this set of attacks. Many solutions in the literature use HPCs to detect SATHVs. Although, these solutions target detecting only a limited set of the available SATHVs. If security designers do not consider all the possibilities, attackers can bypass existing protections using SATHV variants. In this article, we investigate how the side effect selection proposed in the literature, could or could not help us detect the studied attacks in our testing platform. Our threat model includes Cache side channel and Rowhammer attacks. We also discuss the limitations of software monitoring and how hardware approaches can resolve them.

[1] Aurélien Francillon,et al. C5: Cross-Cores Cache Covert Channel , 2015, DIMVA.

[2] Shuanghe Peng,et al. Detection of Cache-based Side Channel Attack Based on Performance Counters , 2018 .

[3] Salvatore J. Stolfo,et al. On the feasibility of online malware detection with performance counters , 2013, ISCA.

[4] Mathias Payer,et al. HexPADS: A Platform to Detect "Stealth" Attacks , 2016, ESSoS.

[5] Stefan Mangard,et al. Rowhammer.js: A Remote Software-Induced Fault Attack in JavaScript , 2015, DIMVA.

[6] Trevor Mudge,et al. MiBench: A free, commercially representative embedded benchmark suite , 2001 .

[7] Yuval Yarom,et al. FLUSH+RELOAD: A High Resolution, Low Noise, L3 Cache Side-Channel Attack , 2014, USENIX Security Symposium.

[8] Stefan Mangard,et al. Cache Template Attacks: Automating Attacks on Inclusive Last-Level Caches , 2015, USENIX Security Symposium.

[9] Kai Li,et al. The PARSEC benchmark suite: Characterization and architectural implications , 2008, 2008 International Conference on Parallel Architectures and Compilation Techniques (PACT).