Covert Timing Channels Exploiting Non-Uniform Memory Access based Architectures

  • Authors:
    Fan Yao (GWU), Guru Prasadh Venkataramani (GWU), Milos Doroslovacki (GWU)
    Publication ID:
    P090564
    Publication Type:
    Paper
    Received Date:
    21-Mar-2017
    Last Edit Date:
    21-Mar-2017
    Research:
    2684.001 (George Washington University)

Abstract

Covert timing channels are a class of information leakage attacks where two processes, namely the trojan and spy, collude with intent to stealthily exfiltrate privileged information even when the underlying system security policy prohibits any direct communication between the two processes. In this paper, we present a new type of covert timing channel that exploits the access timing difference between various caches in Non-Uniform Memory Access (NUMA)-based architectures, especially multi-socket CPUs. We demonstrate a realistic covert timing channel implemented on a dual-socket Intel Xeon server. We then explore use of statistical analysis techniques to characterize and quantify the presence of covert timing channel activity. Our experimental
results show that such quantification techniques could be a
useful first step in formulating an effective defense against
NUMA-based covert timing channels.

4819 Emperor Blvd, Suite 300 Durham, NC 27703 Voice: (919) 941-9400 Fax: (919) 941-9450