Projects per year
Abstract
Research on cache attacks has shown that CPU caches leak significant information. Proposed detection mechanisms assume that all cache attacks cause more cache hits and cache misses than benign applications and use hardware performance counters for detection. In this article, we show that this assumption does not hold by developing a novel attack technique: the Flush+Flush attack. The Flush+Flush attack only relies on the execution time of the flush instruction, which depends on whether data is cached or not. Flush+Flush does not make any memory accesses, contrary to any other cache attack. Thus, it causes no cache misses at all and the number of cache hits is reduced to a minimum due to the constant cache flushes. Therefore, Flush+Flush attacks are stealthy, i.e., the spy process cannot be detected based on cache hits and misses, or state-of-the-art detection mechanisms. The Flush+Flush attack runs in a higher frequency and thus is faster than any existing cache attack. With 496 KB/s in a cross-core covert channel it is 6.7 times faster than any previously published cache covert channel.
Original language | English |
---|---|
Title of host publication | Detection of Intrusions and Malware, and Vulnerability Assessment - 13th International Conference, DIMVA 2016, Proceedings |
Publisher | Springer-Verlag Italia |
Pages | 279-299 |
Number of pages | 21 |
Volume | 9721 |
ISBN (Print) | 9783319406664 |
DOIs | |
Publication status | Published - 2016 |
Event | 13th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA 2016 - San Sebastian, Spain Duration: 7 Jul 2016 → 8 Jul 2016 |
Publication series
Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
---|---|
Volume | 9721 |
ISSN (Print) | 03029743 |
ISSN (Electronic) | 16113349 |
Conference
Conference | 13th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA 2016 |
---|---|
Country/Territory | Spain |
City | San Sebastian |
Period | 7/07/16 → 8/07/16 |
ASJC Scopus subject areas
- Theoretical Computer Science
- Computer Science(all)
Fingerprint
Dive into the research topics of 'Flush+Flush: A fast and stealthy cache attack'. Together they form a unique fingerprint.Projects
- 3 Finished
-
HECTOR - Hardware enable crypto and randomness
Korak, T., Mangard, S. & Mendel, F.
1/03/15 → 31/07/18
Project: Research project
-
Matthew - Multi-entity-security using active Transmission Technology for improved Handling of Exportable security credentials Without privacy restrictions (MATTHEW Project)
Hanser, C., Wenger, E., Korak, T., Groß, H., Mangard, S. & Unterluggauer, T.
1/11/13 → 31/10/16
Project: Research project
-
SeCoS - Secure Contactless Sphere - Smart RFID-Technologies for a Connected World
Bösch, W., Wenger, E., Khan, H. N., Schmidt, J., Gadringer, M. E., Spreitzer, R. C., Mendel, F., Gruss, D., Hutter, M., Freidl, P. F., Görtschacher, L. J., Mangard, S. & Grosinger, J.
1/01/13 → 31/12/15
Project: Research project