Identifying Microbenchmark Signatures of Existing Microarchitectural Exploits Using the Unified Side Channel Attack - Model (USCA-M) Four-Phase Testing Process

Richard Ward, Andrew Johnson

Allbwn ymchwil: Pennod mewn Llyfr/Adroddiad/Trafodion CynhadleddCyfraniad i gynhadleddadolygiad gan gymheiriaid

Crynodeb

This paper presents the Unified Side Channel Attack – Model (USCA-M) four-phase testing process that can been used to represent microbenchmark signatures of microarchitecture exploits. The microbenchmark signatures have been created from generated hardware performance counter (HPC) events from the critical code components at assembly level on an Intel Core i7 CPU. Identifying critical components from the thousands of lines of assembly code from the various exploit proof of concepts (POCs) was a key factor, otherwise it would render the POCs unsuccessful. The USCA-M four-phase testing process includes exploit placement into a USCA-M matrix, testing, verification, and validation. This four-phase testing process enabled identification of the critical components used within the exploit and at a low-level catch the HPC events that were represented as microbenchmark signatures. The use of microarchitectural exploits as the design benchmark served three purposes. Firstly, demonstrations of microarchitectural based attacks are published alongside open source POCs and exploit code. Secondly, using exploit code minimizes the need for complex test bed set up and expensive equipment required for other SCA type analysis. Lastly, there is a broad range of open-source resources available that could be used tools for exploit code analysis. The use of the USCA-M four-phased testing process provides a uniform categorization of exploits and the signatures generated could be used in intrusion detection systems to identify microarchitectural-based malicious code.
Iaith wreiddiolSaesneg
Teitl11th International Symposium on Digital Forensics and Security (ISDFS)
GolygyddionAsaf Varol, Murat Karabatak, Cihan Varol, Ahad Nasab
CyhoeddwrInstitute of Electrical and Electronics Engineers
Tudalennau1-5
ISBN (Electronig)979-8-3503-3698-6
Dynodwyr Gwrthrych Digidol (DOIs)
StatwsCyhoeddwyd - 26 Mai 2023
Digwyddiad2023 11th International Symposium on Digital Forensics and Security (ISDFS) - Chattanooga, TN, Yr Unol Daleithiau
Hyd: 11 Mai 202312 Mai 2023

Cyfres gyhoeddiadau

Enw2023 11th International Symposium on Digital Forensics and Security (ISDFS)
CyhoeddwrInstitute of Electrical and Electronics Engineers

Cynhadledd

Cynhadledd2023 11th International Symposium on Digital Forensics and Security (ISDFS)
Gwlad/TiriogaethYr Unol Daleithiau
DinasTN
Cyfnod11/05/2312/05/23

Ôl bys

Gweld gwybodaeth am bynciau ymchwil 'Identifying Microbenchmark Signatures of Existing Microarchitectural Exploits Using the Unified Side Channel Attack - Model (USCA-M) Four-Phase Testing Process'. Gyda’i gilydd, maen nhw’n ffurfio ôl bys unigryw.

Dyfynnu hyn