Covert Channel Based on AMD Precision Boost 2

  • Type:Bachelor Thesis
  • Date:28.10.2019
  • Supervisor:

    Prof. Dr. Frank Bellosa
    Mathias Gottschlag

  • Graduand:Tim Schmidt
  • Links:PDF
  • Covert channels provide an attacker with the means of bypassing application isolation demanded by system security policies. This thesis presents a frequencybased covert channel using the dynamic frequency scaling technology AMD Precision Boost 2, similar to a covert channel based on Intel Turbo Boost presented by Kalmbach [8]. By applying load on multiple CPU cores, the core frequency of all cores is reduced. This frequency drop can be measured by a receiver, allowing messages to be transmitted. Our analysis showed that in contrast to Intel Turbo Boost, Precision Boost 2 reacts with high, asymmetric latencies which introduce new problems in the construction of covert channels. In our design, we compensate for the asymmetric latencies by changing how the receiver translates frequencies into symbols. Our covert channel reaches a net bit rate of 1.08 bit/s when using a transfer protocol to ensure that messages are transmitted without errors. The channel also does not rely on operating system support, making the construction of centralized software-based countermeasures not trivial.


