Zero in and timefuzz: Detection and mitigation of cache side-channel attacks

Abstract

Cache Side Channel Attack (CSCA) works by monitoring security critical operations and recovering the secret or private information according to the accesses by the victim. Previous efforts on CSCA detection only rely on global statistics information, which leads to some drawbacks. To meet these challenges, Zero in and TimeFuzz (ZITF), a wide-coverage, high-accuracy mitigation scheme of CSCA based on Intel-PIN is presented here. The key point of ZITF is the combination of local features and global features, which can achieve a more accurate detection and mitigation to CSCA. To reduce the impact on other benign processes, a way to time fuzz suspicious processes is used by tampering with the time information required. The comparative experiments on benign processes and malicious processes show that ZITF really works and outperforms the previous work in several ways. In addition, the experiment also proves that ZITF can also be applied to the detection and mitigation of Flush-Flush and Meltdown attack.