Projekte pro Jahr
Abstract
Covert channels and side channels bypass architectural security boundaries. Numerous works have studied covert channels and side channels in software and hardware. Thus, research on covert-channel and side-channel mitigations relies on the discovery of leaky hardware and software components.
In this paper, we perform the first study of timing channels inside modern commodity off-the-shelf SSDs. We systematically analyze the behavior of NVMe PCIe SSDs with concurrent workloads. We observe that exceeding the maximum I/O operations of the SSD leads to significant latency spikes. We narrow down the number of I/O operations required to still induce latency spikes on 12 different SSDs. Our results show that a victim process needs to read at least 8 to 128 blocks to be still detectable by an attacker. Based on these experiments, we show that an attacker can build a covert channel, where the sender encodes secret bits into read accesses to unrelated blocks, inaccessible to the receiver. We demonstrate that this covert channel works across different systems and different SSDs, even from processes running inside a virtual machine. Our unprivileged SSD covert channel achieves a true capacity of up to 1503 bit/s while it works across virtual machines (cross-VM) and is agnostic to operating system versions, as well as other hardware characteristics such as CPU or DRAM. Given the coarse granularity of the SSD timing channel, we evaluate it as a side channel in an open-world website fingerprinting attack over the top 100 websites. We achieve an F1 score of up to 97.0. This shows that the leakage goes beyond covert communication and can leak highly sensitive information from victim users. Finally, we discuss the root cause of the SSD timing channel and how it can be mitigated
In this paper, we perform the first study of timing channels inside modern commodity off-the-shelf SSDs. We systematically analyze the behavior of NVMe PCIe SSDs with concurrent workloads. We observe that exceeding the maximum I/O operations of the SSD leads to significant latency spikes. We narrow down the number of I/O operations required to still induce latency spikes on 12 different SSDs. Our results show that a victim process needs to read at least 8 to 128 blocks to be still detectable by an attacker. Based on these experiments, we show that an attacker can build a covert channel, where the sender encodes secret bits into read accesses to unrelated blocks, inaccessible to the receiver. We demonstrate that this covert channel works across different systems and different SSDs, even from processes running inside a virtual machine. Our unprivileged SSD covert channel achieves a true capacity of up to 1503 bit/s while it works across virtual machines (cross-VM) and is agnostic to operating system versions, as well as other hardware characteristics such as CPU or DRAM. Given the coarse granularity of the SSD timing channel, we evaluate it as a side channel in an open-world website fingerprinting attack over the top 100 websites. We achieve an F1 score of up to 97.0. This shows that the leakage goes beyond covert communication and can leak highly sensitive information from victim users. Finally, we discuss the root cause of the SSD timing channel and how it can be mitigated
Originalsprache | englisch |
---|---|
Titel | Network and Distributed System Security (NDSS) Symposium 2025 |
DOIs | |
Publikationsstatus | Veröffentlicht - 23 Feb. 2025 |
Veranstaltung | Network and Distributed System Security Symposium 2025: NDSS 2025 - San Diego, USA / Vereinigte Staaten Dauer: 23 Feb. 2025 → 28 Feb. 2025 https://www.ndss-symposium.org/ndss2025/ |
Konferenz
Konferenz | Network and Distributed System Security Symposium 2025 |
---|---|
Kurztitel | NDSS 2025 |
Land/Gebiet | USA / Vereinigte Staaten |
Ort | San Diego |
Zeitraum | 23/02/25 → 28/02/25 |
Internetadresse |
Fields of Expertise
- Information, Communication & Computing
Fingerprint
Untersuchen Sie die Forschungsthemen von „Secret Spilling Drive: Leaking User Behavior through SSD Contention“. Zusammen bilden sie einen einzigartigen Fingerprint.Projekte
- 3 Laufend
-
-
Spezialforschungsbereich (SFB) F85 Semantische und kryptographische Grundlagen von Sicherheit und Datenschutz durch Compositional Design
1/01/23 → 31/12/26
Projekt: Forschungsprojekt
-
FWF - NeRAM - Rowhammer-Angriffe und Schadensbegrenzung der nächsten Generation
1/12/22 → 30/11/25
Projekt: Forschungsprojekt