memor ory d y defen enses es
play

Memor ory D y Defen enses es The Elevation from Obscurity to - PowerPoint PPT Presentation

Nov 18, 2023 •422 likes •740 views

Memor ory D y Defen enses es The Elevation from Obscurity to Headlines Rajeev Balasubramonian School of Computing, University of Utah 2 Image sources: pinterest, gizmodo Spectre Overview x is controlled Thanks to bpred, x can be

  1. Memor ory D y Defen enses es The Elevation from Obscurity to Headlines Rajeev Balasubramonian School of Computing, University of Utah

  2. 2 Image sources: pinterest, gizmodo

  3. Spectre Overview x is controlled Thanks to bpred, x can be anything by attacker array1[ ] is the secret if (x < array1_size) Victim Code y = array2[ array1[x] ]; Access pattern of array2[ ] betrays the secret 3

  4. What Did We Learn? Speculation + Specific Code + No side channel defenses 4

  5. The Wake Up Call Say Yes to Side Channel Defenses 5

  6. Overview • Memory timing channels • The Fixed Service memory controller [MICRO 2015] • Memory access patterns • Near-data ORAM [HPCA 2018] • Memory integrity • Improving SGX with VAULT [ASPLOS 2018] 6

  7. Memory Timing Channels VM 1 Victim CORE 1 MC VM 2 Attacker CORE 2 Two VMs sharing a processor and memory channel 7

  8. Possible Attacks VM 1 CORE 1 MC VM 2 CORE 2 Attack 1: Bits in a key influence memory accesses Attack 2: A victim can betray secrets through memory activity Attack 3: A covert channel attack 8

  9. Covert Channel Attack Electronic health records 3 rd party document reader VM 1 CORE 1 MC VM 2 CORE 2 Conspirator A covert channel 9

  10. Fixed Service Memory Controller VM-1 has its data in Rank-1 VM-2 has its data in Rank-2 … VM-8 has its data in Rank-8 VM-1 begins memory access VM-2 begins memory access VM-8 begins memory access … VM-1 begins memory access Time (in cycles) 0 7 49 56 10

  11. Fixed Service Details • Deterministic schedule • No resource contention • Dummy accesses if nothing pending • Lower bandwidth, higher latency • Why 7? DRAM timing parameters, worst-case • Rank partitioning: 7 cycle gap • Bank partitioning: 15 cycle gap • No partitioning: 43 cycle gap 11

  12. Overcoming Worst-Case • In one batch of requests, schedule all reads, followed by all writes (worst-case encountered once per batch) • Impose constraints on banks that can be accessed – triple bank alternation Red: Bank-id mod 3 = 0 Blue: Bank-id mod 3 = 1 Green: Bank-id mod 3 = 2 0 1 2 3 4 5 6 7 0 1 2 3 0 4 5 6 7 15 3x15 = 45 > 43 12

  13. Results NON-SECURE BASELINE 1.0 PERFORMANCE FS 0.74 FS: RD/WR-REORDER 0.48 FS: TRIPLE ALTERNATION 0.43 0.40 TP 0.20 Increased OS complexity TP 13 NO PARTITIONING BANK PARTITIONING RANK PARTITIONING

  14. Overview • Memory timing channels • The Fixed Service memory controller [MICRO 2015] • Memory access patterns • Near-data ORAM [HPCA 2018] • Memory integrity • Improving SGX with VAULT [ASPLOS 2018] 14

  15. Oblivious RAM • Assumes that addresses are exposed Image sources: vice.com • PHANTOM [CCS’13]: Memory bandwidth overhead of … 15

  16. Oblivious RAM • Assumes that addresses are exposed Image sources: vice.com • PHANTOM [CCS’13]: Memory bandwidth overhead of … 2560x (about 280x today) 16

  17. Path-ORAM Stash 17

  18. A Distributed ORAM Authenticated buffer chip ORAM operations shift from Processor MC Processor to SDIMM. ORAM traffic pattern shifts from the memory bus to on- All buses are exposed SDIMM “private” buses. Buffer chip and processor communication is encrypted 18

  19. The Independent ORAM Protocol 1. Each SDIMM handles a subtree of the ORAM tree. 2. Only traffic on shared memory channel: CPU Processor MC requests and leaf-id re- assignments. 3. As much parallelism as the number of SDIMMs. 19

  20. The Split ORAM Protocol 1. Each SDIMM handles a subset of every node. 2. Only metadata is sent to the processor. Processor MC 3. The processor tells the SDIMMs how to shuffle data. 4. Lower latency per ORAM request, but lower parallelism as well. 20

  21. ORAM Results Summary • Can combine the Independent and Split protocols to find the best balance of latency and parallelism • Bandwidth demands are reduced from 280x  35x Execution time overheads from 5.2x  2.7x • Reduces memory energy by 2.5x 21

  22. Overview • Memory timing channels • The Fixed Service memory controller [MICRO 2015] • Memory access patterns • Near-data ORAM [HPCA 2018] • Memory integrity • Improving SGX with VAULT [ASPLOS 2018] 22

  23. Intel SGX Basics 1. Enclave data is protected Intel SGX from malicious OS/operator. EPC 96MB 2. A per-block integrity tree Enclave 1 Non-EPC Sen protects EPC. … 3. A per-page integrity tree Non-EPC NSen Enclave N protects non-EPC Sen. Memory 4. This keeps overheads (bw and capacity) of integrity tree low. 5. Entails frequent paging between EPC and non-EPC. 23

  24. Intel SGX Basics 1. Enclave data is protected Intel SGX from malicious OS/operator. EPC 96MB 2. A per-block integrity tree Enclave 1 Non-EPC Sen protects EPC. … 3. A per-page integrity tree Non-EPC NSen Enclave N protects non-EPC Sen. Memory 4. This keeps overheads (bw and capacity) of integrity tree low. VAULT: Unify EPC and non-EPC to 5. Entails frequent paging reduce paging. New integrity tree for between EPC and non-EPC. low bw. Better metadata for capacity. 24

  25. SGX Overheads 25

  26. Bonsai Merkle Tree … Root block in processor … Intermediate Hashes Hash Hash Hash 64 bits … 512 bits … Hash Hash Hash Leaf hashes … Shared … Arity=8 512 bits for global Local 64 counters counter counter Arity=64 … 7b … 64b 7b MAC MAC Data Block Data Block 64+512 bits 26

  27. VAULT 1. Small linkage counters  high arity, compact/shallow tree, better cacheability. 2. Variable counter width to manage overflow. 3. Reduces bandwidth overhead for integrity verification. 27

  28. VAULT+SMC 1. MAC storage and bw overheads are high. 2. Sharing a MAC among 4 blocks reduces storage, but incr bw. 3. A block is compressed and the MAC is embedded in the block  reduces bw and storage. 28

  29. Integrity Results Summary • 3.7x performance improvement over SGX – primarily because of lower paging overheads • A large effective EPC is palatable – 4.7% storage overhead and a more scalable tree (34% better than the SGX tree) VAULT+SMC 29

  30. Big Finish • Memory defenses were purely academic pursuits • Integrity trees now a part of Intel SGX: overheads of 2x – 40x • VAULT improves integrity overhead to 1.5x – 2.5x • FS eliminates timing channels with overhead of 2x • SDIMM improves ORAM overhead to 2.7x • An array of memory defenses is now commercially viable … and strategic given latent vulnerabilities Acks: Ali Shafiee, Meysam Taassori, Akhila Gundu, Manju Shevgoor, Mohit Tiwari, Feifei Li, NSF, Intel. 30

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

CPSC 410/ 611: Week 7 Vir t ual Memor y Reading: Silber shat z, Chapt er 9 Vir

CPSC 410/ 611: Week 7 Vir t ual Memor y Reading: Silber shat z, Chapt er 9 Vir

CPSC 410 / 611 : Operating Systems CPSC 410/ 611: Week 7 Vir t ual Memor y Reading: Silber shat z, Chapt er 9 Vir t ual Memor y, MI PS-St yle pr epar at ion f or MP3 Virt ual Memory Over view / Mot ivat ion

624 views • 20 slides
Veg egetation M Management &amp; &amp; De Defen ensible e Space Ordinance i e in El D

Veg egetation M Management &amp; &amp; De Defen ensible e Space Ordinance i e in El D

Veg egetation M Management &amp; &amp; De Defen ensible e Space Ordinance i e in El D Dorado County Oak H Hill F ill Fir ire S Safe Council il February 11, 11, 2020 Over erview ew Why Vegetation Mgmt? Defensible Space

883 views • 36 slides
Ca Catch ch M Me If Ca e If Can: A Cl A Clou oud-En -Enabled ed DDoS DDoS De Defen ense

Ca Catch ch M Me If Ca e If Can: A Cl A Clou oud-En -Enabled ed DDoS DDoS De Defen ense

Ca Catch ch M Me If Ca e If Can: A Cl A Clou oud-En -Enabled ed DDoS DDoS De Defen ense e Quan Jia, Huangxin Wang, Dan Fleck, Fei Li, Angelos Stavrou, Walter Powell Presented by Surya Mani Content u Motivation u Related Work u

262 views • 23 slides
SLID IDE : In In Defen ense e of Smart Algorithms over er Ha Hardware e Accel eler

SLID IDE : In In Defen ense e of Smart Algorithms over er Ha Hardware e Accel eler

SLID IDE : In In Defen ense e of Smart Algorithms over er Ha Hardware e Accel eler eration for Large-Scale e Deep eep Lea earning System ems Beidi Chen Collaborators: Tharun Medini * , James Farwell , Sameh Gobriel , Charlie

824 views • 39 slides
The e European pean St Stru ructu ctural ral Fund nds s in t in the e De Defen ence

The e European pean St Stru ructu ctural ral Fund nds s in t in the e De Defen ence

The e European pean St Stru ructu ctural ral Fund nds s in t in the e De Defen ence ce Se Sector or Objectives To identify innovative ways of funding dual use R&amp;T projects, in order to promote innovation across the EDTIB

541 views • 17 slides
Multi Mu ti-Di Dimensio mensional nal, In-GP GPU-Memor Memory Dat ataba abases ses: St

Multi Mu ti-Di Dimensio mensional nal, In-GP GPU-Memor Memory Dat ataba abases ses: St

Multi Mu ti-Di Dimensio mensional nal, In-GP GPU-Memor Memory Dat ataba abases ses: St Stre ream aming ing Co Condi dition tional al Ca Calculat culations ions in in Bi Big g Data a Se Sets Peter Strohm | GTC15 | San

529 views • 35 slides
Re Resilient Distributed Datasets: A Fa Fault-To Tolerant Abstraction for In In-Me Memor

Re Resilient Distributed Datasets: A Fa Fault-To Tolerant Abstraction for In In-Me Memor

Re Resilient Distributed Datasets: A Fa Fault-To Tolerant Abstraction for In In-Me Memor ory Cl Cluster r Com Computi ting Authors: Matei Zaharia, Mosharaf Chowdhury, Tathagata Das, Ankur Dave, Justin Ma, Murphy McCauley, Michael J.

733 views • 27 slides
Limit ed DRAM Wit h paging we could pr obably f unct ion wit h j ust one r esident

Limit ed DRAM Wit h paging we could pr obably f unct ion wit h j ust one r esident

Limit ed DRAM Wit h paging we could pr obably f unct ion wit h j ust one r esident memor y page f or each pr ocess (and 14: Memory Management it s Mast er Page Table) But r eading and wr it ing memor y pages t o disk is

366 views • 5 slides
DEATH PENALTY THE SINGAPORE M. Ravi STORY In In Memor Memory Executed by the State on

DEATH PENALTY THE SINGAPORE M. Ravi STORY In In Memor Memory Executed by the State on

THE IRREFUTABLE CASE AGAINST DEATH PENALTY THE SINGAPORE M. Ravi STORY In In Memor Memory Executed by the State on Friday 19 May 2017 for trafficking 72.5g of heroin because the Attorney General refused to grant him a Certificate of

663 views • 31 slides
2019 WEDCO Annual Meeting Tues day, Mar c h 1 2 , 2 0 1 9 W illiams C ounty Veter ans Memor ial

2019 WEDCO Annual Meeting Tues day, Mar c h 1 2 , 2 0 1 9 W illiams C ounty Veter ans Memor ial

2019 WEDCO Annual Meeting Tues day, Mar c h 1 2 , 2 0 1 9 W illiams C ounty Veter ans Memor ial 11:00AM - 1:00P M Keeping Williams County Connected WEDCO is YOUR Advocate! Working together with the community, schools, businesses, and local

458 views • 34 slides
Rebound: Scalable Checkpointing for Coherent Shared Memor for Coherent Shared Memory Rishi

Rebound: Scalable Checkpointing for Coherent Shared Memor for Coherent Shared Memory Rishi

Rebound: Scalable Checkpointing for Coherent Shared Memor for Coherent Shared Memory Rishi Agarwal, Pranav Garg, and Josep Torrellas D Department of Computer Science f C S i University of Illinois at Urbana-Champaign

685 views • 33 slides
Ser ializability of T r ansac tions in Softwar e T r ansac tional Memor y Utku Aydonat

Ser ializability of T r ansac tions in Softwar e T r ansac tional Memor y Utku Aydonat

Ser ializability of T r ansac tions in Softwar e T r ansac tional Memor y Utku Aydonat Utku Aydonat uaydonat@eecg.toronto.edu De partme nt o f E le c tric al and Co mpute r E ngine e ring U nive rsity o f T o ro nto Workshop on

549 views • 34 slides
LONG SHOR T-TERM MEMOR Y Neural Comput a tion 9(8):1735{1780, 1997 Sepp Ho c hreiter

LONG SHOR T-TERM MEMOR Y Neural Comput a tion 9(8):1735{1780, 1997 Sepp Ho c hreiter

LONG SHOR T-TERM MEMOR Y Neural Comput a tion 9(8):1735{1780, 1997 Sepp Ho c hreiter J urgen Sc hmidh ub er F akult at f ur Informatik IDSIA T ec hnisc he Univ ersit at M unc hen Corso Elv

325 views • 32 slides
Memory Chapter 7 Encoding, Storage and Retrieval of Memor y Encoding Storage

Memory Chapter 7 Encoding, Storage and Retrieval of Memor y Encoding Storage

Memory Chapter 7 Encoding, Storage and Retrieval of Memor y Encoding Storage Retrieval Forgetting Three Systems of Memory Sensory memory Iconic memory Echoic memory Working/ short-term memory - storage process

701 views • 19 slides
Impr oving Memor y Hier ar chy Per for mance For Ir r egular Applications J ohn Mellor- Crummey

Impr oving Memor y Hier ar chy Per for mance For Ir r egular Applications J ohn Mellor- Crummey

Impr oving Memor y Hier ar chy Per for mance For Ir r egular Applications J ohn Mellor- Crummey * David Whalley * K ennedy * en K * Dept. of Computer Science * Dept. of Computer Science Rice University Florida State University Motivation

618 views • 40 slides
MAPPING THE SMALL - SCALE STRUCTURE OF D ARK M ATTER HALOS WITH ALMA O BSERVATIONS OF S TRONG L

MAPPING THE SMALL - SCALE STRUCTURE OF D ARK M ATTER HALOS WITH ALMA O BSERVATIONS OF S TRONG L

MAPPING THE SMALL - SCALE STRUCTURE OF D ARK M ATTER HALOS WITH ALMA O BSERVATIONS OF S TRONG L ENSES Y ASHAR H EZAVEH H UBBLE F ELLOW - KIPAC - S TANFORD U NIVERSITY R ENCONTRE DU V IETNAM - Q UI N HON - 2016 N. D ALAL , D. M ARRONE , G. H OLDER ,

978 views • 79 slides
Cloud Control Design Review Team Andrew Thompson Anna Lee Project Lead, Audio Streaming

Cloud Control Design Review Team Andrew Thompson Anna Lee Project Lead, Audio Streaming

Cloud Control Design Review Team Andrew Thompson Anna Lee Project Lead, Audio Streaming Audio Processing Reed Taylor Brent Morada PCB Design, Audio Streaming Wireless Communication Project Vision, Applications

291 views • 28 slides
The consequences of sync_binlog != 1 by Jean-Franois Gagn Senior Infrastructure Engineer /

The consequences of sync_binlog != 1 by Jean-Franois Gagn Senior Infrastructure Engineer /

The consequences of sync_binlog != 1 by Jean-Franois Gagn Senior Infrastructure Engineer / System and MySQL Expert jeanfrancois AT messagebird DOT com / @jfg956 #FOSDEM #MySQLDevRoom The full title of the talk should be The consequences of

610 views • 32 slides
Deformable Organ Contour Transfer with Deep Inverse Shape Encoding (DISE) Networks for

Deformable Organ Contour Transfer with Deep Inverse Shape Encoding (DISE) Networks for

Deformable Organ Contour Transfer with Deep Inverse Shape Encoding (DISE) Networks for Auto-segmentation in Low Contrast Regions Tiancheng Liu 1 Xiaobai Sun 1 Fang-fang Yin 2 Lei Ren 2 1 Department of Computer Science, Duke University, USA 2

572 views • 20 slides
Revisiting the Limits of MAP Inference by MWSS on Perfect Graphs Adrian Weller University of

Revisiting the Limits of MAP Inference by MWSS on Perfect Graphs Adrian Weller University of

Revisiting the Limits of MAP Inference by MWSS on Perfect Graphs Adrian Weller University of Cambridge CP 2015 Cork, Ireland Slides and full paper at http://mlg.eng.cam.ac.uk/adrian/ 1 / 21 Motivation: undirected graphical models (MRFs)

594 views • 27 slides
Malicious Documents Trends: a Gmail Perspective Google, @elie with the help of many Googlers

Malicious Documents Trends: a Gmail Perspective Google, @elie with the help of many Googlers

SESSION ID: HTA-T10 Malicious Documents Trends: a Gmail Perspective Google, @elie with the help of many Googlers Slides available here: htups://elie.net/rsa20 In Oct 2019 the Russian sponsored APT group Primitive Bear used obfuscated

679 views • 47 slides
CSSE463: Image Recognition Day 26 This week Today: Finding lines and circles using the

CSSE463: Image Recognition Day 26 This week Today: Finding lines and circles using the

CSSE463: Image Recognition Day 26 This week Today: Finding lines and circles using the Hough transform (Sonka 6.26) Please fill out ANGEL evaluation of Sunset partner using &quot;Term Project Partner Evaluation&quot; Next class:

357 views • 14 slides
MLCC 2015 machine learning applications Francesca Odone ML applications Machine Learning

MLCC 2015 machine learning applications Francesca Odone ML applications Machine Learning

MLCC 2015 machine learning applications Francesca Odone ML applications Machine Learning systems are trained on examples rather than being programmed MLCC machine learning applications Data challenges big data - extract real knowledge from

451 views • 30 slides
VU Augmented Reality on Mobile Devices VU Augmented Reality on Mobile Devices Introduction

VU Augmented Reality on Mobile Devices VU Augmented Reality on Mobile Devices Introduction

VU Augmented Reality on Mobile Devices VU Augmented Reality on Mobile Devices Introduction Introduction What is AR What is AR Interaction Techniques Navigation Collaboration Navigation, Collaboration Visualization

760 views • 55 slides

More recommend