Camouflage: Memory Traffic Shaping to Mitigate Timing Attacks

Yanqi Zhou, Sameer Wagh, Prateek Mittal, David Wentzlaff

Research output: Chapter in Book/Report/Conference proceedingConference contribution

24 Scopus citations

Abstract

Information leaks based on timing side channels in computing devices have serious consequences for user security and privacy. In particular, malicious applications in multi-user systems such as data centers and cloud-computing environments can exploit memory timing as a side channel to infer a victim's program access patterns/phases. Memory timing channels can also be exploited for covert communications by an adversary. We propose Camouflage, a hardware solution to mitigate timing channel attacks not only in the memory system, but also along the path to and from the memory system (e.g. NoC, memory scheduler queues). Camouflage introduces the novel idea of shaping memory requests' and responses' inter-arrival time into a pre-determined distribution for security purposes, even creating additional fake traffic if needed. This limits untrusted parties (either cloud providers or co-scheduled clients) from inferring information from another security domain by probing the bus to and from memory, or analyzing memory response rate. We design three different memory traffic shaping mechanisms for different security scenarios by having Camouflage work on requests, responses, and bi-directional (both) traffic. Camouflage is complementary to ORAMs and can be optionally used in conjunction with ORAMs to protect information leaks via both memory access timing and memory access patterns. Camouflage offers a tunable trade-off between system security and system performance. We evaluate Camouflage's security and performance both theoretically and via simulations, and find that Camouflage outperforms state-of-the-art solutions in performance by up to 50%.

Original languageEnglish (US)
Title of host publicationProceedings - 2017 IEEE 23rd Symposium on High Performance Computer Architecture, HPCA 2017
PublisherIEEE Computer Society
Pages337-348
Number of pages12
ISBN (Electronic)9781509049851
DOIs
StatePublished - May 5 2017
Event23rd IEEE Symposium on High Performance Computer Architecture, HPCA 2017 - Austin, United States
Duration: Feb 4 2017Feb 8 2017

Publication series

NameProceedings - International Symposium on High-Performance Computer Architecture
ISSN (Print)1530-0897

Other

Other23rd IEEE Symposium on High Performance Computer Architecture, HPCA 2017
Country/TerritoryUnited States
CityAustin
Period2/4/172/8/17

All Science Journal Classification (ASJC) codes

  • Hardware and Architecture

Keywords

  • hardware
  • memory system
  • security

Fingerprint

Dive into the research topics of 'Camouflage: Memory Traffic Shaping to Mitigate Timing Attacks'. Together they form a unique fingerprint.

Cite this