Loading…
A Quantitative, Experimental Approach to Measuring Processor Side-Channel Security
User inputs tend to change the execution characteristics of applications including their interactions with cache, network, storage, and other systems. Many attacks have exploited the observable side effects of these execution characteristics to expose sensitive information. In response, researchers...
Saved in:
Published in: | IEEE MICRO 2013-05, Vol.33 (3), p.68-77 |
---|---|
Main Authors: | , , , |
Format: | Article |
Language: | English |
Subjects: | |
Citations: | Items that this one cites Items that cite this one |
Online Access: | Get full text |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Summary: | User inputs tend to change the execution characteristics of applications including their interactions with cache, network, storage, and other systems. Many attacks have exploited the observable side effects of these execution characteristics to expose sensitive information. In response, researchers have proposed countermeasures to protect against these attacks. However there is currently no systematic, holistic methodology for understanding information leakage. As a result, it is not well known how design decisions affect information leakage or the vulnerability of entire systems to side-channel attacks. The authors propose a metric for measuring information leakage called the Side-channel Vulnerability Factor (SVF). The SVF is based on the observation that all side-channel attacks - ranging from physical to microarchitectural to software - rely on recognizing leaked execution patterns. The SVF quantifies patterns in attackers' observations and measures their correlation to the victim's actual execution patterns and in doing so captures systems' predisposition to leak information. Thus, the SVF provides a quantitative approach to securing computer architecture. |
---|---|
ISSN: | 0272-1732 1937-4143 |
DOI: | 10.1109/MM.2013.23 |