Abstract
Cache attacks are one of the most wide-spread and dangerous threats to embedded computing systems' security. A promising approach to detect such attacks at runtime is to monitor the System-on-Chip (SoC) behavior. However, designing a secure SoC capable of detecting such attacks is very challenging: the monitors should be lightweight in order to avoid excessive power/energy and area costs and the attack behavior should be clearly known upfront. In this work, we present LiD-CAT, a lightweight and flexible hardware detector that is aware of leakage patterns that can be used by attackers to perform cache based attacks. LiD-CAT is a cache wrapper that implements a set of leakage properties derived from cache attacks and cache models using templates. These templates identify suspicious behavior that may lead to cache attacks. LiD-CAT is evaluated using two different cache architectures, one with a secure cache and one without. On each of them, SPEC2000 benchmarks are run together with malicious applications that execute cache attacks (i.e., Evict+Time, Prime+Probe, Flush+Reload and Flush+Flush). Results show that our lightweight detector successfully detects 99.99% of the attacks with less than 1% false-positives, has no timing penalties, and increases the area of a SoC with only 1.6%.
Original language | English |
---|---|
Title of host publication | 2020 IEEE European Test Symposium (ETS) |
Subtitle of host publication | Proceedings |
Publisher | IEEE |
Pages | 1-6 |
Number of pages | 6 |
ISBN (Electronic) | 978-1-7281-4312-5 |
ISBN (Print) | 978-1-7281-4313-2 |
DOIs | |
Publication status | Published - 2020 |
Event | ETS 2020: 2020 IEEE European Test Symposium - Tallinn, Estonia Duration: 25 May 2020 → 29 May 2020 |
Conference
Conference | ETS 2020 |
---|---|
Country/Territory | Estonia |
City | Tallinn |
Period | 25/05/20 → 29/05/20 |