Cache Side Channel Attack (CSCA) works by monitoring security critical operations and recovering the secret or private information according to the accesses by the victim. Previous efforts on CSCA detection only rely on global statistics information, which leads to some drawbacks. To meet these challenges, Zero in and TimeFuzz (ZITF), a wide-coverage, high-accuracy mitigation scheme of CSCA based on Intel-PIN is presented here. The key point of ZITF is the combination of local features and global features, which can achieve a more accurate detection and mitigation to CSCA. To reduce the impact on other benign processes, a way to time fuzz suspicious processes is used by tampering with the time information required. The comparative experiments on benign processes and malicious processes show that ZITF really works and outperforms the previous work in several ways. In addition, the experiment also proves that ZITF can also be applied to the detection and mitigation of Flush-Flush and Meltdown attack.
CITATION STYLE
Wang, Z. H., Peng, S. H., Guo, X. Y., & Jiang, W. B. (2019). Zero in and timefuzz: Detection and mitigation of cache side-channel attacks. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 11359 LNCS, pp. 410–424). Springer Verlag. https://doi.org/10.1007/978-3-030-12942-2_31
Mendeley helps you to discover research relevant for your work.