Trustworthy Systems

CATalyst: defeating last-level cache side channel attacks in cloud computing

Authors

Fangfei Liu, Qian Ge, Yuval Yarom, Frank Mckeen, Carlos Rozas, Gernot Heiser and Ruby B Lee

Princeton University

NICTA

UNSW

University of Adelaide

Intel Corporation

Abstract

Cache side channel attacks are a serious threat to multi-tenant public clouds. Past work showed how secret information in one virtual machine (VM) can be extracted by another co-resident VM using such attacks. Recent research demonstrated the feasibility of high-bandwidth, low-noise attacks on the last-level cache (LLC), which is shared by all the cores in the processor package, enabling attacks even when VMs are scheduled on different cores. This paper shows how such LLC side channel attacks can be defeated using a performance optimization feature recently introduced in commodity processors. Since most cloud servers use Intel processors, we show how the Intel Cache Allocation Technology (CAT) can be used in a novel way to provide a system-level protection mechanism to defend from side channel attacks on the shared LLC. CAT is a way-based hardware cache-partitioning mechanism for enforcing quality-of-service with respect to LLC occupancy. However, it cannot be directly used to defeat cache side channel attacks due to the very limited number of partitions it provides. We present CATalyst, a novel pseudo-locking mechanism which uses CAT to partition the LLC into a hybrid hardware-software managed cache. We implement a proof-of-concept system using Xen and Linux running on a server with Intel processors, and show that LLC side channel attacks can be defeated. Furthermore, CATalyst only causes very small performance overhead when used for security, and have negligible impact on the legacy applications.

BibTeX Entry

  @inproceedings{Liu_GYMRHL_16,
    address          = {Barcelona, Spain},
    author           = {Liu, Fangfei and Ge, Qian and Yarom, Yuval and Mckeen, Frank and Rozas, Carlos and Heiser, Gernot
                        and Lee, Ruby B},
    booktitle        = {IEEE Symposium on High-Performance Computer Architecture},
    month            = mar,
    pages            = {406--418},
    paperurl         = {https://trustworthy.systems/publications/nicta_full_text/8984.pdf},
    publisher        = {IEEE},
    title            = {{CATalyst}: Defeating Last-Level Cache Side Channel Attacks in Cloud Computing},
    year             = {2016}
  }

Download