Detecting time-fragmented cache attacks against AES using Performance Monitoring Counters
- Autores
- Prada, Iván; Igual, Francisco D.; Olcoz Herrero, Katzalin
- Año de publicación
- 2019
- Idioma
- inglés
- Tipo de recurso
- documento de conferencia
- Estado
- versión publicada
- Descripción
- Cache timing attacks use shared caches in multi-core processors as side channels to extract information from victim processes. These attacks are particularly dangerous in cloud infrastructures, in which the deployed countermeasures cause collateral e ects in terms of performance loss and increase in energy consumption. We propose to monitor the victim process using an independent monitoring (detector) process, that continuously measures selected Performance Monitoring Counters (PMC) to detect the presence of an attack. Ad-hoc counter- measures can be applied only when such a risky situation arises. In our case, the victim process is the Advanced Encryption Standard (AES) encryption algorithm and the attack is performed by means of random encryption requests. We demonstrate that PMCs are a feasible tool to detect the attack and that sampling PMCs at high frequencies is worse than sampling at lower frequencies in terms of detection capabilities, particularly when the attack is fragmented in time to try to be hidden from detection.
Instituto de Investigación en Informática - Materia
-
Ciencias Informáticas
cache attacks
flush+reload
AES
performance monitoring counters - Nivel de accesibilidad
- acceso abierto
- Condiciones de uso
- http://creativecommons.org/licenses/by-nc-sa/4.0/
- Repositorio
.jpg)
- Institución
- Universidad Nacional de La Plata
- OAI Identificador
- oai:sedici.unlp.edu.ar:10915/80337
Ver los metadatos del registro completo
| id |
SEDICI_62bd0651aab96c9ddfde85e22dd34565 |
|---|---|
| oai_identifier_str |
oai:sedici.unlp.edu.ar:10915/80337 |
| network_acronym_str |
SEDICI |
| repository_id_str |
1329 |
| network_name_str |
SEDICI (UNLP) |
| spelling |
Detecting time-fragmented cache attacks against AES using Performance Monitoring CountersPrada, IvánIgual, Francisco D.Olcoz Herrero, KatzalinCiencias Informáticascache attacksflush+reloadAESperformance monitoring countersCache timing attacks use shared caches in multi-core processors as side channels to extract information from victim processes. These attacks are particularly dangerous in cloud infrastructures, in which the deployed countermeasures cause collateral e ects in terms of performance loss and increase in energy consumption. We propose to monitor the victim process using an independent monitoring (detector) process, that continuously measures selected Performance Monitoring Counters (PMC) to detect the presence of an attack. Ad-hoc counter- measures can be applied only when such a risky situation arises. In our case, the victim process is the Advanced Encryption Standard (AES) encryption algorithm and the attack is performed by means of random encryption requests. We demonstrate that PMCs are a feasible tool to detect the attack and that sampling PMCs at high frequencies is worse than sampling at lower frequencies in terms of detection capabilities, particularly when the attack is fragmented in time to try to be hidden from detection.Instituto de Investigación en Informática2019-06info:eu-repo/semantics/conferenceObjectinfo:eu-repo/semantics/publishedVersionObjeto de conferenciahttp://purl.org/coar/resource_type/c_5794info:ar-repo/semantics/documentoDeConferenciaapplication/pdf3-15http://sedici.unlp.edu.ar/handle/10915/80337enginfo:eu-repo/semantics/altIdentifier/isbn/978-3-030-27713-0info:eu-repo/semantics/reference/doi/10.1007/978-3-030-27713-0info:eu-repo/semantics/openAccesshttp://creativecommons.org/licenses/by-nc-sa/4.0/Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0)reponame:SEDICI (UNLP)instname:Universidad Nacional de La Platainstacron:UNLP2025-10-15T11:06:43Zoai:sedici.unlp.edu.ar:10915/80337Institucionalhttp://sedici.unlp.edu.ar/Universidad públicaNo correspondehttp://sedici.unlp.edu.ar/oai/snrdalira@sedici.unlp.edu.arArgentinaNo correspondeNo correspondeNo correspondeopendoar:13292025-10-15 11:06:43.66SEDICI (UNLP) - Universidad Nacional de La Platafalse |
| dc.title.none.fl_str_mv |
Detecting time-fragmented cache attacks against AES using Performance Monitoring Counters |
| title |
Detecting time-fragmented cache attacks against AES using Performance Monitoring Counters |
| spellingShingle |
Detecting time-fragmented cache attacks against AES using Performance Monitoring Counters Prada, Iván Ciencias Informáticas cache attacks flush+reload AES performance monitoring counters |
| title_short |
Detecting time-fragmented cache attacks against AES using Performance Monitoring Counters |
| title_full |
Detecting time-fragmented cache attacks against AES using Performance Monitoring Counters |
| title_fullStr |
Detecting time-fragmented cache attacks against AES using Performance Monitoring Counters |
| title_full_unstemmed |
Detecting time-fragmented cache attacks against AES using Performance Monitoring Counters |
| title_sort |
Detecting time-fragmented cache attacks against AES using Performance Monitoring Counters |
| dc.creator.none.fl_str_mv |
Prada, Iván Igual, Francisco D. Olcoz Herrero, Katzalin |
| author |
Prada, Iván |
| author_facet |
Prada, Iván Igual, Francisco D. Olcoz Herrero, Katzalin |
| author_role |
author |
| author2 |
Igual, Francisco D. Olcoz Herrero, Katzalin |
| author2_role |
author author |
| dc.subject.none.fl_str_mv |
Ciencias Informáticas cache attacks flush+reload AES performance monitoring counters |
| topic |
Ciencias Informáticas cache attacks flush+reload AES performance monitoring counters |
| dc.description.none.fl_txt_mv |
Cache timing attacks use shared caches in multi-core processors as side channels to extract information from victim processes. These attacks are particularly dangerous in cloud infrastructures, in which the deployed countermeasures cause collateral e ects in terms of performance loss and increase in energy consumption. We propose to monitor the victim process using an independent monitoring (detector) process, that continuously measures selected Performance Monitoring Counters (PMC) to detect the presence of an attack. Ad-hoc counter- measures can be applied only when such a risky situation arises. In our case, the victim process is the Advanced Encryption Standard (AES) encryption algorithm and the attack is performed by means of random encryption requests. We demonstrate that PMCs are a feasible tool to detect the attack and that sampling PMCs at high frequencies is worse than sampling at lower frequencies in terms of detection capabilities, particularly when the attack is fragmented in time to try to be hidden from detection. Instituto de Investigación en Informática |
| description |
Cache timing attacks use shared caches in multi-core processors as side channels to extract information from victim processes. These attacks are particularly dangerous in cloud infrastructures, in which the deployed countermeasures cause collateral e ects in terms of performance loss and increase in energy consumption. We propose to monitor the victim process using an independent monitoring (detector) process, that continuously measures selected Performance Monitoring Counters (PMC) to detect the presence of an attack. Ad-hoc counter- measures can be applied only when such a risky situation arises. In our case, the victim process is the Advanced Encryption Standard (AES) encryption algorithm and the attack is performed by means of random encryption requests. We demonstrate that PMCs are a feasible tool to detect the attack and that sampling PMCs at high frequencies is worse than sampling at lower frequencies in terms of detection capabilities, particularly when the attack is fragmented in time to try to be hidden from detection. |
| publishDate |
2019 |
| dc.date.none.fl_str_mv |
2019-06 |
| dc.type.none.fl_str_mv |
info:eu-repo/semantics/conferenceObject info:eu-repo/semantics/publishedVersion Objeto de conferencia http://purl.org/coar/resource_type/c_5794 info:ar-repo/semantics/documentoDeConferencia |
| format |
conferenceObject |
| status_str |
publishedVersion |
| dc.identifier.none.fl_str_mv |
http://sedici.unlp.edu.ar/handle/10915/80337 |
| url |
http://sedici.unlp.edu.ar/handle/10915/80337 |
| dc.language.none.fl_str_mv |
eng |
| language |
eng |
| dc.relation.none.fl_str_mv |
info:eu-repo/semantics/altIdentifier/isbn/978-3-030-27713-0 info:eu-repo/semantics/reference/doi/10.1007/978-3-030-27713-0 |
| dc.rights.none.fl_str_mv |
info:eu-repo/semantics/openAccess http://creativecommons.org/licenses/by-nc-sa/4.0/ Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0) |
| eu_rights_str_mv |
openAccess |
| rights_invalid_str_mv |
http://creativecommons.org/licenses/by-nc-sa/4.0/ Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0) |
| dc.format.none.fl_str_mv |
application/pdf 3-15 |
| dc.source.none.fl_str_mv |
reponame:SEDICI (UNLP) instname:Universidad Nacional de La Plata instacron:UNLP |
| reponame_str |
SEDICI (UNLP) |
| collection |
SEDICI (UNLP) |
| instname_str |
Universidad Nacional de La Plata |
| instacron_str |
UNLP |
| institution |
UNLP |
| repository.name.fl_str_mv |
SEDICI (UNLP) - Universidad Nacional de La Plata |
| repository.mail.fl_str_mv |
alira@sedici.unlp.edu.ar |
| _version_ |
1846064122554220544 |
| score |
13.22299 |