• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文会议>International conference on computer design >AdapTimer: Hardware/Software Collaborative Timer Resistant to Flush-Based Cache Attacks on ARM-FPGA Embedded SoC
【24h】

AdapTimer: Hardware/Software Collaborative Timer Resistant to Flush-Based Cache Attacks on ARM-FPGA Embedded SoC

机译:AdapTimer:硬件/软件协作计时器,可抵抗ARM-FPGA嵌入式SoC上基于刷新的缓存攻击

获取原文
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

ARM-FPGA embedded SoCs have been widely used in the fields of drones, embedded and IoT devices due to its high performance and hardware design flexibility. However, ARM-FPGA embedded SoC suffers various types of security threats, one of which is flush-based cache attack. The proposed defense schemes either lead to a high false positive rate or a large performance loss. Due to the importance of high resolution time APIs in the system, schemes that permanently reduce the resolution of time APIs can only be implemented in specific applications such as browsers. Moreover, the method of protecting high resolution timers in software cannot defend against an attacker with root privileges. In this paper, we propose a more secure timer which is a hardware/software co-design on ARM-FPGA embedded SoC. When a software process calls the flush operation, the timer adaptively reduces its resolution and recover after a short period of time. In the case that the flush operation is not called, the impact of the timer on system performance is almost negligible. This hardware/software co-design guarantees the availability of a high resolution time API while defend against attackers with root privileges. The results of the attack experiments show that the success rates of Flush+Reload and flush-based Spectre attacks can be reduced to less than 1% when using the timer. Performance test results show that the timer access latency is 9.5% slower than the fastest PMCCNTR but 5% faster than the global timer of Cortex-A9 MPCore. The modified flush operation API for the design only increases the time consumption by about 12%.
机译:由于ARM-FPGA嵌入式SoC的高性能和硬件设计灵活性,已被广泛应用于无人机,嵌入式和IoT设备领域。但是,ARM-FPGA嵌入式SoC遭受各种类型的安全威胁,其中之一是基于刷新的缓存攻击。提议的防御方案会导致较高的误报率或较大的性能损失。由于系统中高分辨率时间API的重要性,永久降低时间API分辨率的方案只能在特定的应用程序(例如浏览器)中实现。此外,在软件中保护高​​分辨率计时器的方法无法防御具有root特权的攻击者。在本文中,我们提出了一种更安全的计时器,该计时器是基于ARM-FPGA嵌入式SoC的硬件/软件协同设计。当软件进程调用刷新操作时,计时器会自适应地降低其分辨率,并在短时间后恢复。在不调用刷新操作的情况下,计时器对系统性能的影响几乎可以忽略不计。这种硬件/软件协同设计保证了高分辨率时间API的可用性,同时以root权限防御攻击者。攻击实验的结果表明,使用计时器时,刷新+重新加载和基于刷新的Spectre攻击的成功率可以降低到不足1%。性能测试结果表明,计时器访问延迟比最快的PMCCNTR慢9.5%,但比Cortex-A9 MPCore的全局计时器快5%。用于设计的修改后的冲洗操作API仅将时间消耗增加了大约12%。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号