Camouflage: Memory Traffic Shaping to Mitigate Timing Attacks

Yanqi Zhou; Sameer Wagh; Prateek Mittal; David Wentzlaff

doi:10.1109/HPCA.2017.36

Camouflage: Memory Traffic Shaping to Mitigate Timing Attacks

Yanqi Zhou, Sameer Wagh, Prateek Mittal, David Wentzlaff

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

20 Scopus citations

Abstract

Information leaks based on timing side channels in computing devices have serious consequences for user security and privacy. In particular, malicious applications in multi-user systems such as data centers and cloud-computing environments can exploit memory timing as a side channel to infer a victim's program access patterns/phases. Memory timing channels can also be exploited for covert communications by an adversary. We propose Camouflage, a hardware solution to mitigate timing channel attacks not only in the memory system, but also along the path to and from the memory system (e.g. NoC, memory scheduler queues). Camouflage introduces the novel idea of shaping memory requests' and responses' inter-arrival time into a pre-determined distribution for security purposes, even creating additional fake traffic if needed. This limits untrusted parties (either cloud providers or co-scheduled clients) from inferring information from another security domain by probing the bus to and from memory, or analyzing memory response rate. We design three different memory traffic shaping mechanisms for different security scenarios by having Camouflage work on requests, responses, and bi-directional (both) traffic. Camouflage is complementary to ORAMs and can be optionally used in conjunction with ORAMs to protect information leaks via both memory access timing and memory access patterns. Camouflage offers a tunable trade-off between system security and system performance. We evaluate Camouflage's security and performance both theoretically and via simulations, and find that Camouflage outperforms state-of-the-art solutions in performance by up to 50%.

Original language	English (US)
Title of host publication	Proceedings - 2017 IEEE 23rd Symposium on High Performance Computer Architecture, HPCA 2017
Publisher	IEEE Computer Society
Pages	337-348
Number of pages	12
ISBN (Electronic)	9781509049851
DOIs	https://doi.org/10.1109/HPCA.2017.36
State	Published - May 5 2017
Event	23rd IEEE Symposium on High Performance Computer Architecture, HPCA 2017 - Austin, United States Duration: Feb 4 2017 → Feb 8 2017

Publication series

Name	Proceedings - International Symposium on High-Performance Computer Architecture
ISSN (Print)	1530-0897

Other

Other	23rd IEEE Symposium on High Performance Computer Architecture, HPCA 2017
Country/Territory	United States
City	Austin
Period	2/4/17 → 2/8/17

All Science Journal Classification (ASJC) codes

Hardware and Architecture

Keywords

hardware
memory system
security

Access to Document

10.1109/HPCA.2017.36

Cite this

Zhou, Y., Wagh, S., Mittal, P., & Wentzlaff, D. (2017). Camouflage: Memory Traffic Shaping to Mitigate Timing Attacks. In Proceedings - 2017 IEEE 23rd Symposium on High Performance Computer Architecture, HPCA 2017 (pp. 337-348). Article 7920837 (Proceedings - International Symposium on High-Performance Computer Architecture). IEEE Computer Society. https://doi.org/10.1109/HPCA.2017.36

@inproceedings{8a1ecb9e5de04de2b5eb110dbd4ef606,

title = "Camouflage: Memory Traffic Shaping to Mitigate Timing Attacks",

abstract = "Information leaks based on timing side channels in computing devices have serious consequences for user security and privacy. In particular, malicious applications in multi-user systems such as data centers and cloud-computing environments can exploit memory timing as a side channel to infer a victim's program access patterns/phases. Memory timing channels can also be exploited for covert communications by an adversary. We propose Camouflage, a hardware solution to mitigate timing channel attacks not only in the memory system, but also along the path to and from the memory system (e.g. NoC, memory scheduler queues). Camouflage introduces the novel idea of shaping memory requests' and responses' inter-arrival time into a pre-determined distribution for security purposes, even creating additional fake traffic if needed. This limits untrusted parties (either cloud providers or co-scheduled clients) from inferring information from another security domain by probing the bus to and from memory, or analyzing memory response rate. We design three different memory traffic shaping mechanisms for different security scenarios by having Camouflage work on requests, responses, and bi-directional (both) traffic. Camouflage is complementary to ORAMs and can be optionally used in conjunction with ORAMs to protect information leaks via both memory access timing and memory access patterns. Camouflage offers a tunable trade-off between system security and system performance. We evaluate Camouflage's security and performance both theoretically and via simulations, and find that Camouflage outperforms state-of-the-art solutions in performance by up to 50%.",

keywords = "hardware, memory system, security",

author = "Yanqi Zhou and Sameer Wagh and Prateek Mittal and David Wentzlaff",

note = "Funding Information: This work was partially supported by the NSF under Grants No. CCF-1217553, CCF-1453112, CCF-1438980, and CNS-1409415, AFOSR under Grant No. FA9550-14- 1-0148, and DARPA under Grant No. N66001-14-1-4040. Publisher Copyright: {\textcopyright} 2017 IEEE. Copyright: Copyright 2017 Elsevier B.V., All rights reserved.; 23rd IEEE Symposium on High Performance Computer Architecture, HPCA 2017 ; Conference date: 04-02-2017 Through 08-02-2017",

year = "2017",

month = may,

day = "5",

doi = "10.1109/HPCA.2017.36",

language = "English (US)",

series = "Proceedings - International Symposium on High-Performance Computer Architecture",

publisher = "IEEE Computer Society",

pages = "337--348",

booktitle = "Proceedings - 2017 IEEE 23rd Symposium on High Performance Computer Architecture, HPCA 2017",

address = "United States",

}

Zhou, Y, Wagh, S, Mittal, P & Wentzlaff, D 2017, Camouflage: Memory Traffic Shaping to Mitigate Timing Attacks. in Proceedings - 2017 IEEE 23rd Symposium on High Performance Computer Architecture, HPCA 2017., 7920837, Proceedings - International Symposium on High-Performance Computer Architecture, IEEE Computer Society, pp. 337-348, 23rd IEEE Symposium on High Performance Computer Architecture, HPCA 2017, Austin, United States, 2/4/17. https://doi.org/10.1109/HPCA.2017.36

Camouflage: Memory Traffic Shaping to Mitigate Timing Attacks. / Zhou, Yanqi; Wagh, Sameer; Mittal, Prateek et al.
Proceedings - 2017 IEEE 23rd Symposium on High Performance Computer Architecture, HPCA 2017. IEEE Computer Society, 2017. p. 337-348 7920837 (Proceedings - International Symposium on High-Performance Computer Architecture).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Camouflage

T2 - 23rd IEEE Symposium on High Performance Computer Architecture, HPCA 2017

AU - Zhou, Yanqi

AU - Wagh, Sameer

AU - Mittal, Prateek

AU - Wentzlaff, David

N1 - Funding Information: This work was partially supported by the NSF under Grants No. CCF-1217553, CCF-1453112, CCF-1438980, and CNS-1409415, AFOSR under Grant No. FA9550-14- 1-0148, and DARPA under Grant No. N66001-14-1-4040. Publisher Copyright: © 2017 IEEE. Copyright: Copyright 2017 Elsevier B.V., All rights reserved.

PY - 2017/5/5

Y1 - 2017/5/5

N2 - Information leaks based on timing side channels in computing devices have serious consequences for user security and privacy. In particular, malicious applications in multi-user systems such as data centers and cloud-computing environments can exploit memory timing as a side channel to infer a victim's program access patterns/phases. Memory timing channels can also be exploited for covert communications by an adversary. We propose Camouflage, a hardware solution to mitigate timing channel attacks not only in the memory system, but also along the path to and from the memory system (e.g. NoC, memory scheduler queues). Camouflage introduces the novel idea of shaping memory requests' and responses' inter-arrival time into a pre-determined distribution for security purposes, even creating additional fake traffic if needed. This limits untrusted parties (either cloud providers or co-scheduled clients) from inferring information from another security domain by probing the bus to and from memory, or analyzing memory response rate. We design three different memory traffic shaping mechanisms for different security scenarios by having Camouflage work on requests, responses, and bi-directional (both) traffic. Camouflage is complementary to ORAMs and can be optionally used in conjunction with ORAMs to protect information leaks via both memory access timing and memory access patterns. Camouflage offers a tunable trade-off between system security and system performance. We evaluate Camouflage's security and performance both theoretically and via simulations, and find that Camouflage outperforms state-of-the-art solutions in performance by up to 50%.

AB - Information leaks based on timing side channels in computing devices have serious consequences for user security and privacy. In particular, malicious applications in multi-user systems such as data centers and cloud-computing environments can exploit memory timing as a side channel to infer a victim's program access patterns/phases. Memory timing channels can also be exploited for covert communications by an adversary. We propose Camouflage, a hardware solution to mitigate timing channel attacks not only in the memory system, but also along the path to and from the memory system (e.g. NoC, memory scheduler queues). Camouflage introduces the novel idea of shaping memory requests' and responses' inter-arrival time into a pre-determined distribution for security purposes, even creating additional fake traffic if needed. This limits untrusted parties (either cloud providers or co-scheduled clients) from inferring information from another security domain by probing the bus to and from memory, or analyzing memory response rate. We design three different memory traffic shaping mechanisms for different security scenarios by having Camouflage work on requests, responses, and bi-directional (both) traffic. Camouflage is complementary to ORAMs and can be optionally used in conjunction with ORAMs to protect information leaks via both memory access timing and memory access patterns. Camouflage offers a tunable trade-off between system security and system performance. We evaluate Camouflage's security and performance both theoretically and via simulations, and find that Camouflage outperforms state-of-the-art solutions in performance by up to 50%.

KW - hardware

KW - memory system

KW - security

UR - http://www.scopus.com/inward/record.url?scp=85019592792&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85019592792&partnerID=8YFLogxK

U2 - 10.1109/HPCA.2017.36

DO - 10.1109/HPCA.2017.36

M3 - Conference contribution

AN - SCOPUS:85019592792

T3 - Proceedings - International Symposium on High-Performance Computer Architecture

SP - 337

EP - 348

BT - Proceedings - 2017 IEEE 23rd Symposium on High Performance Computer Architecture, HPCA 2017

PB - IEEE Computer Society

Y2 - 4 February 2017 through 8 February 2017

ER -

Camouflage: Memory Traffic Shaping to Mitigate Timing Attacks

Abstract

Publication series

Other

All Science Journal Classification (ASJC) codes

Keywords

Access to Document

Other files and links

Fingerprint

Cite this