Identifying Microbenchmark Signatures of Existing Microarchitectural Exploits Using the Unified Side Channel Attack - Model (USCA-M) Four-Phase Testing Process

Richard Ward, Andrew Johnson

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

This paper presents the Unified Side Channel Attack – Model (USCA-M) four-phase testing process that can been used to represent microbenchmark signatures of microarchitecture exploits. The microbenchmark signatures have been created from generated hardware performance counter (HPC) events from the critical code components at assembly level on an Intel Core i7 CPU. Identifying critical components from the thousands of lines of assembly code from the various exploit proof of concepts (POCs) was a key factor, otherwise it would render the POCs unsuccessful. The USCA-M four-phase testing process includes exploit placement into a USCA-M matrix, testing, verification, and validation. This four-phase testing process enabled identification of the critical components used within the exploit and at a low-level catch the HPC events that were represented as microbenchmark signatures. The use of microarchitectural exploits as the design benchmark served three purposes. Firstly, demonstrations of microarchitectural based attacks are published alongside open source POCs and exploit code. Secondly, using exploit code minimizes the need for complex test bed set up and expensive equipment required for other SCA type analysis. Lastly, there is a broad range of open-source resources available that could be used tools for exploit code analysis. The use of the USCA-M four-phased testing process provides a uniform categorization of exploits and the signatures generated could be used in intrusion detection systems to identify microarchitectural-based malicious code.
Original languageEnglish
Title of host publication11th International Symposium on Digital Forensics and Security (ISDFS)
EditorsAsaf Varol, Murat Karabatak, Cihan Varol, Ahad Nasab
PublisherInstitute of Electrical and Electronics Engineers
Pages1-5
ISBN (Electronic)979-8-3503-3698-6
DOIs
Publication statusPublished - 26 May 2023
Event2023 11th International Symposium on Digital Forensics and Security (ISDFS) - Chattanooga, TN, United States
Duration: 11 May 202312 May 2023

Publication series

Name2023 11th International Symposium on Digital Forensics and Security (ISDFS)
PublisherInstitute of Electrical and Electronics Engineers

Conference

Conference2023 11th International Symposium on Digital Forensics and Security (ISDFS)
Country/TerritoryUnited States
CityTN
Period11/05/2312/05/23

Keywords

  • Microarchitecture
  • Codes
  • Digital forensics
  • Intrusion detection
  • Side-channel attacks
  • Benchmark testing
  • Malware

Fingerprint

Dive into the research topics of 'Identifying Microbenchmark Signatures of Existing Microarchitectural Exploits Using the Unified Side Channel Attack - Model (USCA-M) Four-Phase Testing Process'. Together they form a unique fingerprint.

Cite this