Conference paper Open Access

Flush+Flush: A Fast and Stealthy Cache Attack

Gruss, Daniel; Maurice, Clémentine; Wagner, Klaus; Mangard, Stefan


MARC21 XML Export

<?xml version='1.0' encoding='UTF-8'?>
<record xmlns="http://www.loc.gov/MARC21/slim">
  <leader>00000nam##2200000uu#4500</leader>
  <controlfield tag="005">20200120144950.0</controlfield>
  <datafield tag="500" ind1=" " ind2=" ">
    <subfield code="a">H2020 644052 / HECTOR</subfield>
  </datafield>
  <controlfield tag="001">55446</controlfield>
  <datafield tag="711" ind1=" " ind2=" ">
    <subfield code="d">7-8 July 2016</subfield>
    <subfield code="g">DIMVA 2016</subfield>
    <subfield code="a">13th Conference on Detection of Intrusions and Malware &amp; Vulnerability Assessment</subfield>
    <subfield code="c">Donostia-San Sebastián, Spain</subfield>
  </datafield>
  <datafield tag="700" ind1=" " ind2=" ">
    <subfield code="u">TU Graz</subfield>
    <subfield code="a">Maurice, Clémentine</subfield>
  </datafield>
  <datafield tag="700" ind1=" " ind2=" ">
    <subfield code="u">TU Graz</subfield>
    <subfield code="a">Wagner,  Klaus</subfield>
  </datafield>
  <datafield tag="700" ind1=" " ind2=" ">
    <subfield code="u">TU Graz</subfield>
    <subfield code="a">Mangard, Stefan</subfield>
  </datafield>
  <datafield tag="856" ind1="4" ind2=" ">
    <subfield code="s">516882</subfield>
    <subfield code="z">md5:0b730a11e9f5ccfc2e66a2a049cb6ee2</subfield>
    <subfield code="u">https://zenodo.org/record/55446/files/HECTOR-Flush-Flush-Cache-Attack-2016.pdf</subfield>
  </datafield>
  <datafield tag="542" ind1=" " ind2=" ">
    <subfield code="l">open</subfield>
  </datafield>
  <datafield tag="856" ind1="4" ind2=" ">
    <subfield code="y">Conference website</subfield>
    <subfield code="u">http://dimva2016.mondragon.edu/en</subfield>
  </datafield>
  <datafield tag="260" ind1=" " ind2=" ">
    <subfield code="c">2016-07-07</subfield>
  </datafield>
  <datafield tag="909" ind1="C" ind2="O">
    <subfield code="p">openaire</subfield>
    <subfield code="p">user-ecfunded</subfield>
    <subfield code="p">user-hector</subfield>
    <subfield code="o">oai:zenodo.org:55446</subfield>
  </datafield>
  <datafield tag="100" ind1=" " ind2=" ">
    <subfield code="u">TU Graz</subfield>
    <subfield code="a">Gruss, Daniel</subfield>
  </datafield>
  <datafield tag="245" ind1=" " ind2=" ">
    <subfield code="a">Flush+Flush: A Fast and Stealthy Cache Attack</subfield>
  </datafield>
  <datafield tag="980" ind1=" " ind2=" ">
    <subfield code="a">user-ecfunded</subfield>
  </datafield>
  <datafield tag="980" ind1=" " ind2=" ">
    <subfield code="a">user-hector</subfield>
  </datafield>
  <datafield tag="536" ind1=" " ind2=" ">
    <subfield code="c">644052</subfield>
    <subfield code="a">HARDWARE ENABLED CRYPTO AND RANDOMNESS</subfield>
  </datafield>
  <datafield tag="540" ind1=" " ind2=" ">
    <subfield code="u">http://creativecommons.org/licenses/by-nc-sa/4.0/legalcode</subfield>
    <subfield code="a">Creative Commons Attribution Non Commercial Share Alike 4.0 International</subfield>
  </datafield>
  <datafield tag="650" ind1="1" ind2="7">
    <subfield code="a">cc-by</subfield>
    <subfield code="2">opendefinition.org</subfield>
  </datafield>
  <datafield tag="520" ind1=" " ind2=" ">
    <subfield code="a">&lt;p&gt;Research on cache attacks has shown that CPU caches leak signi_cant information. Proposed detection mechanisms assume that all cache attacks cause more cache hits and cache misses than benign applications and use hardware performance counters for detection. In this article, we show that this assumption does not hold by developing a novel attack technique: the Flush+Flush attack. The Flush+Flush attack only relies on the execution time of the ush instruction, which depends on whether data is cached or not. Flush+Flush does not make any memory accesses, contrary to any other cache attack. Thus, it causes no cache misses at all and the number of cache hits is reduced to a minimum due to the constant cache ushes. Therefore, Flush+Flush attacks are stealthy, i.e., the spy process cannot be detected based on cache hits and misses, or state-of-the-art detection mechanisms. The Flush+Flush attack runs in a higher frequency and thus is faster than any existing cache attack. With 496 KB/s in a cross-core covert channel it is 6:7 times faster than any previously published cache covert channel.&lt;br&gt;
 &lt;/p&gt;</subfield>
  </datafield>
  <datafield tag="024" ind1=" " ind2=" ">
    <subfield code="a">10.5281/zenodo.55446</subfield>
    <subfield code="2">doi</subfield>
  </datafield>
  <datafield tag="980" ind1=" " ind2=" ">
    <subfield code="a">publication</subfield>
    <subfield code="b">conferencepaper</subfield>
  </datafield>
</record>
22
71
views
downloads
All versions This version
Views 2222
Downloads 7171
Data volume 36.7 MB36.7 MB
Unique views 2121
Unique downloads 5050

Share

Cite as