TY - GEN
T1 - Camouflage
T2 - 23rd IEEE Symposium on High Performance Computer Architecture, HPCA 2017
AU - Zhou, Yanqi
AU - Wagh, Sameer
AU - Mittal, Prateek
AU - Wentzlaff, David
N1 - Funding Information:
This work was partially supported by the NSF under Grants No. CCF-1217553, CCF-1453112, CCF-1438980, and CNS-1409415, AFOSR under Grant No. FA9550-14-1-0148, and DARPA under Grant No. N66001-14-1-4040.
Publisher Copyright:
© 2017 IEEE.
Copyright:
Copyright 2017 Elsevier B.V., All rights reserved.
PY - 2017/5/5
Y1 - 2017/5/5
N2 - Information leaks based on timing side channels in computing devices have serious consequences for user security and privacy. In particular, malicious applications in multi-user systems such as data centers and cloud-computing environments can exploit memory timing as a side channel to infer a victim's program access patterns/phases. Memory timing channels can also be exploited for covert communications by an adversary. We propose Camouflage, a hardware solution to mitigate timing channel attacks not only in the memory system, but also along the path to and from the memory system (e.g. NoC, memory scheduler queues). Camouflage introduces the novel idea of shaping memory requests' and responses' inter-arrival time into a pre-determined distribution for security purposes, even creating additional fake traffic if needed. This limits untrusted parties (either cloud providers or co-scheduled clients) from inferring information from another security domain by probing the bus to and from memory, or analyzing memory response rate. We design three different memory traffic shaping mechanisms for different security scenarios by having Camouflage work on requests, responses, and bi-directional (both) traffic. Camouflage is complementary to ORAMs and can be optionally used in conjunction with ORAMs to protect information leaks via both memory access timing and memory access patterns. Camouflage offers a tunable trade-off between system security and system performance. We evaluate Camouflage's security and performance both theoretically and via simulations, and find that Camouflage outperforms state-of-the-art solutions in performance by up to 50%.
KW - hardware
KW - memory system
KW - security
UR - http://www.scopus.com/inward/record.url?scp=85019592792&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85019592792&partnerID=8YFLogxK
U2 - 10.1109/HPCA.2017.36
DO - 10.1109/HPCA.2017.36
M3 - Conference contribution
AN - SCOPUS:85019592792
T3 - Proceedings - International Symposium on High-Performance Computer Architecture
SP - 337
EP - 348
BT - Proceedings - 2017 IEEE 23rd Symposium on High Performance Computer Architecture, HPCA 2017
PB - IEEE Computer Society
Y2 - 4 February 2017 through 8 February 2017
ER -