High-Performance TLB Covert Channels

  • Type:Bachelor Thesis
  • Date:01.09.2020
  • Supervisor:

    Prof. Dr. Frank Bellosa
    Dr. Marc Rittinghaus

  • Graduand:Micha Hanselmann
  • Links:PDF
  • Abstract
    The ongoing global trend towards large-scale cloud virtualization raises concerns on how secure these systems are. Previous work has shown how shared hardware resources (e.g., caches) can be exploited to break isolation between processes and virtual machines. With TLBleed [18], the Translation Lookaside Buffer (TLB) was identified as a new attack vector which is immune to state-of-the-art security mechanisms such as Intel’s Cache Allocation Technology (CAT).
    Given the general feasibility of TLB-based covert channels, we aim to considerably increase the performance of TLB-based covert channels in terms of channel bit rate and reliability, thereby demonstrating that holistic techniques for microarchitectural resource partitioning are needed. Therefore, we design a two-layer communication protocol capable of dealing with the issues of synchronization and noise due to concurrently running processes. Furthermore, we present a novel approach to monitor TLB entries by leveraging the accessed bit in page table entries. We are able to achieve error-free transmissions at bit rates of up to 200 kB/s in a Linux KVM environment running on current Intel hardware.

    BibTex:

    @bachelorthesis{hanselmann20covertchannels,
      author = {Micha Hanselmann},
      title = {High-Performance TLB Covert Channels},
      type = {Bachelor Thesis},
      year = 2020,
      month = sep # "01",
      school = {Operating Systems Group, Karlsruhe Institute of Technology (KIT), Germany}
      }