
Cyber Trust Poster Template 2005 - Cornell University

Feb 16, 2022


32nd IEEE Symposium on Security and Privacy, May 22-25, 2011, Oakland, CA

Predictive Mitigation of Timing Channels for Interactive Systems

Danfeng Zhang, Aslan Askarov and Andrew C. Myers (Cornell University)

Timing channel threats

• Side channel: infer key from decryption time (RSA, AES)
• Covert channel: transmit data by controlling timing

Predictive mitigation (CCS'10)

• Goal
  - bound information leakage through timing channels
• Main idea
  - delay events according to predefined schedules
  - when events are not ready at predicted times, change to a new schedule
• Attacker model
  - attacker may influence output time
  - attacker can observe mitigated output time

[Figure: a timeline split into epoch 1, epoch 2, epoch 3; each x marks a misprediction.]
  Epoch: all events on schedule
  x: misprediction
  Penalty: new pessimistic schedule after misprediction

Interactive system model

• Request type: public payloads, e.g., URLs
• Public information: input time, request types
• Thread/request type model: time of outputs is predicted by public information
• Prediction function with public information

Leakage analysis

Idea: bound the possible # of observations
• Single epoch: ≤ # of inputs + 1, i.e. $(M+1)$ possible schedules
• $\Lambda_i$: # of possible schedules to choose from at epoch $i$ ($\Lambda_i = 1$ under fast doubling)
• $N$: # of epochs

Variation ≤ $(M+1)^N \times \prod_i \Lambda_i$

Leakage in bits ≤ $N \log_2(M+1) + \sum_i \log_2(\Lambda_i)$

Penalty policies (bound on N)

When request type 1 has a misprediction, do we penalize request type 2?
• Local: only type 1 is penalized
• Global: both type 1 and 2 are penalized
• 5-level grace period: penalize type 2 only when # of type 2's mispredictions is greater than 5

Intuition: request types with few mispredictions should receive little penalty, since they leak little information.

Fast doubling
• start with $q$
• double $q$ after a misprediction
• $\Lambda_i = 1$

Leakage bound: $(6R + \log_2(T_w + 1) - 5) \times \log_2(M+1)$ bits
  $R$: # of request types
  $T_w$: worst-case execution time (300 s, the default timeout setting of Firefox)

Security

• HTTP(S) proxy server that mitigates the MIT CSAIL homepage (49 URLs)
• 5-level grace period
• Various request types
  - Type/Host (2)
  - Type/URL (49)
  - Host+URL type (7)

Performance

[Performance plots not captured in the transcript.]

Results

Theoretical and empirical results show predictive mitigation of timing channels is practical for interactive systems.
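The mechanism on the poster (schedules, epochs, fast doubling) and its penalty policies (local, global, grace period), as an added example that is not the poster's or the authors' proxy code: a small simulator that releases each output at a time computed from public information only (request type and arrival time), counts one new epoch per misprediction, and evaluates the poster's leakage bound. The leakage figure is simply $\log_2$ of the number of distinguishable timing observations; with fast doubling every $\Lambda_i = 1$, so the sum term vanishes and bounding $N$ bounds the leakage, which is what the penalty policies are for. Assumptions not stated on the poster: the starting quantum is 1 s, the quantum is capped at $T_w$ (a request whose output takes at most $T_w$ is always on schedule once the quantum reaches $T_w$), a request type is just the URL string, and the request traces and service times are constructed.

```python
# Added example (not the poster's or the authors' code): simulator for a
# predictive mitigator with per-request-type quanta, fast doubling and the
# local / global / grace-period penalty policies.  Assumptions: q0 = 1 s, the
# quantum is capped at the worst-case time Tw, and N counts one epoch per
# misprediction.  All request traces below are constructed.
import math
from dataclasses import dataclass


@dataclass
class Request:
    rtype: str       # public request type (here: the URL)
    arrival: float   # public input time, seconds
    service: float   # secret-dependent time until the output is ready, seconds


class PredictiveMitigator:
    """Releases outputs at times computed from public information only.

    Predicted output time for a request of type t is arrival + q[t].  If the
    output is ready by then it is released exactly at the prediction, so an
    attacker observing the mitigated output time learns nothing.  Otherwise
    the prediction failed (a misprediction): a new epoch starts, quanta are
    doubled according to the penalty policy, and the output is rescheduled
    under the new, more pessimistic quantum.
    """

    def __init__(self, types, q0=1.0, t_worst=300.0, policy="grace", grace=5):
        assert policy in ("local", "global", "grace")
        self.q = {t: float(q0) for t in types}   # current quantum per type
        self.misses = {t: 0 for t in types}      # mispredictions per type
        self.t_worst = t_worst                   # Tw on the poster
        self.policy = policy
        self.grace = grace
        self.epochs = 0                          # N on the poster

    def _penalize(self, t):
        """Fast doubling for the mispredicted type; other types per policy."""
        self.misses[t] += 1
        self.epochs += 1
        self.q[t] = min(2 * self.q[t], self.t_worst)
        for u in self.q:
            if u == t:
                continue
            # global: every type pays; grace: only types that have already
            # mispredicted more than `grace` times pay; local: nobody else.
            if self.policy == "global" or (
                self.policy == "grace" and self.misses[u] > self.grace
            ):
                self.q[u] = min(2 * self.q[u], self.t_worst)

    def release_time(self, req):
        assert req.service <= self.t_worst, "Tw must bound the service time"
        ready = req.arrival + req.service
        while True:
            predicted = req.arrival + self.q[req.rtype]
            if ready <= predicted:
                return predicted          # on schedule: release at prediction
            self._penalize(req.rtype)     # misprediction: new epoch, new q


def simulate(policy, requests, q0=1.0, t_worst=300.0, grace=5):
    """Run a trace through the mitigator; return releases, N and final quanta."""
    types = sorted({r.rtype for r in requests})
    m = PredictiveMitigator(types, q0, t_worst, policy, grace)
    releases = [m.release_time(r) for r in requests]
    return {"releases": releases, "epochs": m.epochs, "q": dict(m.q)}


def leakage_bound_bits(n_epochs, n_inputs, lambdas=None):
    """Poster bound N*log2(M+1) + sum_i log2(Lambda_i); fast doubling: Lambda_i = 1."""
    lambdas = [1] * n_epochs if lambdas is None else lambdas
    return n_epochs * math.log2(n_inputs + 1) + sum(math.log2(lam) for lam in lambdas)


def epoch_bound(n_types, t_worst):
    """Poster's bound on N, 6R + log2(Tw+1) - 5, the factor in front of log2(M+1)."""
    return 6 * n_types + math.log2(t_worst + 1) - 5


# Constructed trace: a fast static page and a slow, variable-time search.
SAMPLE_REQUESTS = [
    Request("/index.html", 0.0, 0.2),
    Request("/search", 1.0, 2.5),
    Request("/index.html", 3.0, 0.3),
    Request("/search", 4.0, 1.5),
    Request("/search", 10.0, 7.0),
    Request("/index.html", 12.0, 0.9),
]

# Constructed trace that exhausts a type's grace period: six mispredictions
# on /search (q goes 1 -> 64), then a single misprediction on /index.html.
GRACE_DEMO = [
    Request("/search", 0.0, 63.0),
    Request("/index.html", 100.0, 1.5),
]

if __name__ == "__main__":
    for policy in ("local", "global", "grace"):
        res = simulate(policy, SAMPLE_REQUESTS)
        print(policy, res["releases"], "N =", res["epochs"], "q =", res["q"])
        print("  leakage <= %.2f bits; poster's bound on N = %.2f"
              % (leakage_bound_bits(res["epochs"], len(SAMPLE_REQUESTS)),
                 epoch_bound(len(res["q"]), 300.0)))
```

Running the two traces shows the policies' trade-off: on GRACE_DEMO, `local` and `grace` both release the search output at 64 s, but under `grace` the later misprediction on /index.html also doubles the search quantum (it has already used up its five free mispredictions), while `global` makes the static page pay for every search misprediction and releases it at 164 s. The real proxy on the poster predicts per request type derived from the public URL and host (its Type/Host, Type/URL and Host+URL groupings); here the type is just the URL string.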