Return to search

Maintaining Security in the Era of Microarchitectural Attacks

Shared microarchitectural state is a target for side-channel attacks that leverage timing measurements to leak information across security domains. These attacks are further enhanced by speculative execution, which transiently distorts the control and data flow of applications, and by untrusted environments, where the attacker may have complete control over the victim program. Under these conditions, microarchitectural attacks can bypass software isolation mechanisms, and hence they threaten the security of virtually any application running in a shared environment.
Numerous approaches have been proposed to defend against microarchitectural attacks, but we lack the means to test them and ensure their effectiveness. The users cannot test them manually because the effects of the defences are not visible to software. Testing the defences by attempting attacks is also suboptimal because the attacks are inherently unstable, and a failed attack is not always an indicator of a successful defence. Moreover, some classes of defences can be disabled at runtime. Hence, we need automated tools that would check the effectiveness of defences, both at design time and at runtime. Yet, as it is common in security, the existing solutions lag behind the developments in attacks.
In this thesis, we propose three techniques that check the effectiveness of defences against modern microarchitectural attacks. Revizor is an approach to automatically detect microarchitectural information leakage in commercial black-box CPUs. SpecFuzz is a technique for dynamic testing of applications to find instances of speculative vulnerabilities. Varys is an approach to runtime monitoring of system defences against microarchitectural attacks.
We show that with these techniques, we can successfully detect microarchitectural vulnerabilities in hardware and flaws in defences against them; find unpatched instances of speculative vulnerabilities in software; and detect attempts to invalidate system defences.

Identiferoai:union.ndltd.org:DRESDEN/oai:qucosa:de:qucosa:76658
Date16 November 2021
CreatorsOleksenko, Oleksii
ContributorsFetzer, Christof, Bos, Herbert, Technische Universität Dresden
Source SetsHochschulschriftenserver (HSSS) der SLUB Dresden
LanguageEnglish
Detected LanguageEnglish
Typeinfo:eu-repo/semantics/publishedVersion, doc-type:doctoralThesis, info:eu-repo/semantics/doctoralThesis, doc-type:Text
Rightsinfo:eu-repo/semantics/openAccess

Page generated in 0.002 seconds