A Compiler Assisted Scheduler for Detecting and Mitigating Cache-Based Side Channel Attacks
Detection and mitigation of side-channel attacks is a very important problem. Although this is an active area of research, the solutions proposed in the literature have limitations in that they do not work in a real-world multi-tenancy setting on servers, have false positives or high overheads limiting their applicability. In this work, we demonstrate a compiler guided scheduler, Biscuit, which detects the cache-based side-channel attacks for processes scheduled on multi-tenancy server farms with very high accuracy. At the heart of the scheme is the generation and use of a cache miss model which is inserted by the compiler at the entrances of loop nests to predict the underlying cache misses. Such inserted beacons convey the cache miss information to the scheduler at run time which uses it to co-schedule processes such that their combined cache footprint does not exceed the maximum capacity of the last level cache. The scheduled processes are then monitored for actual vs predicted cache misses and when an anomaly is detected, the scheduler performs a binary search to isolate the attacker. We show that Biscuit is able to detect and mitigate Prime+Probe, Flush+Reload, and Flush+Flush attacks on OpenSSL cryptography algorithms with an F-score of 1 and also detect and mitigate degradation of service on the vision application suite with an F-score of 0.92. Under no attack scenario, the scheme poses low overheads (up to a maximum of 6%). We believe that due to its ability to deal with multi-tenancy, its attack detection precision, ability to mitigate and low overheads, such a scheme is practicable.
READ FULL TEXT