Mitigating the CACHEKIT attack

Mauricio Gutierrez; Ziming Zhao; Adam Doupé; Yan Shoshitaishvili; Gail Joon Ahn

doi:10.1049/PBCS066E_ch8

Mitigating the CACHEKIT attack

Mauricio Gutierrez, Ziming Zhao, Adam Doupé, Yan Shoshitaishvili, Gail Joon Ahn

Research output: Chapter in Book/Report/Conference proceeding › Chapter

Abstract

Through thorough research and experimentation, we arrive at the optimal defense mechanism that we call CACHELIGHT, a lightweight approach for preventing malicious abuse of cache -locking mechanisms. This novel solution leverages both the TZ and virtualization extensions in the ARM architecture to address the vulnerability identified by CACHEKIT. In this chapter, we cover the design, implementation, and implications of CACHELIGHT and how it is used to allow legitimate users to continue to utilize cache locking while giving SW the power to ensure system security by controlling and verifying the use of said mechanisms.

Original language	English (US)
Title of host publication	Frontiers in Hardware Security and Trust
Publisher	Institution of Engineering and Technology
Pages	173-196
Number of pages	24
ISBN (Electronic)	9781785619274
DOIs	https://doi.org/10.1049/PBCS066E_ch8
State	Published - Jan 1 2021

Keywords

ARM architecture
CACHEKIT attack mitigation
CACHELIGHT
Cache storage
Cache-locking mechanisms
Data security
File organisation
Lightweight approach
Malicious abuse prevention
Optimal defense mechanism
Security of data
System security
Virtualization extensions

ASJC Scopus subject areas

General Engineering

Access to Document

10.1049/PBCS066E_ch8

Cite this

@inbook{6a4cf048733a4d5e8207f96d8fdfc23e,

title = "Mitigating the CACHEKIT attack",

abstract = "Through thorough research and experimentation, we arrive at the optimal defense mechanism that we call CACHELIGHT, a lightweight approach for preventing malicious abuse of cache -locking mechanisms. This novel solution leverages both the TZ and virtualization extensions in the ARM architecture to address the vulnerability identified by CACHEKIT. In this chapter, we cover the design, implementation, and implications of CACHELIGHT and how it is used to allow legitimate users to continue to utilize cache locking while giving SW the power to ensure system security by controlling and verifying the use of said mechanisms.",

keywords = "ARM architecture, CACHEKIT attack mitigation, CACHELIGHT, Cache storage, Cache-locking mechanisms, Data security, File organisation, Lightweight approach, Malicious abuse prevention, Optimal defense mechanism, Security of data, System security, Virtualization extensions",

author = "Mauricio Gutierrez and Ziming Zhao and Adam Doup{\'e} and Yan Shoshitaishvili and Ahn, {Gail Joon}",

note = "Publisher Copyright: {\textcopyright} The Institution of Engineering and Technology 2021.",

year = "2021",

month = jan,

day = "1",

doi = "10.1049/PBCS066E_ch8",

language = "English (US)",

pages = "173--196",

booktitle = "Frontiers in Hardware Security and Trust",

publisher = "Institution of Engineering and Technology",

address = "United Kingdom",

}

TY - CHAP

T1 - Mitigating the CACHEKIT attack

AU - Gutierrez, Mauricio

AU - Zhao, Ziming

AU - Doupé, Adam

AU - Shoshitaishvili, Yan

AU - Ahn, Gail Joon

N1 - Publisher Copyright: © The Institution of Engineering and Technology 2021.

PY - 2021/1/1

Y1 - 2021/1/1

N2 - Through thorough research and experimentation, we arrive at the optimal defense mechanism that we call CACHELIGHT, a lightweight approach for preventing malicious abuse of cache -locking mechanisms. This novel solution leverages both the TZ and virtualization extensions in the ARM architecture to address the vulnerability identified by CACHEKIT. In this chapter, we cover the design, implementation, and implications of CACHELIGHT and how it is used to allow legitimate users to continue to utilize cache locking while giving SW the power to ensure system security by controlling and verifying the use of said mechanisms.

AB - Through thorough research and experimentation, we arrive at the optimal defense mechanism that we call CACHELIGHT, a lightweight approach for preventing malicious abuse of cache -locking mechanisms. This novel solution leverages both the TZ and virtualization extensions in the ARM architecture to address the vulnerability identified by CACHEKIT. In this chapter, we cover the design, implementation, and implications of CACHELIGHT and how it is used to allow legitimate users to continue to utilize cache locking while giving SW the power to ensure system security by controlling and verifying the use of said mechanisms.

KW - ARM architecture

KW - CACHEKIT attack mitigation

KW - CACHELIGHT

KW - Cache storage

KW - Cache-locking mechanisms

KW - Data security

KW - File organisation

KW - Lightweight approach

KW - Malicious abuse prevention

KW - Optimal defense mechanism

KW - Security of data

KW - System security

KW - Virtualization extensions

UR - http://www.scopus.com/inward/record.url?scp=85117992570&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85117992570&partnerID=8YFLogxK

U2 - 10.1049/PBCS066E_ch8

DO - 10.1049/PBCS066E_ch8

M3 - Chapter

AN - SCOPUS:85117992570

SP - 173

EP - 196

BT - Frontiers in Hardware Security and Trust

PB - Institution of Engineering and Technology

ER -

Mitigating the CACHEKIT attack

Abstract

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this