-
WhisperFuzz: White-Box Fuzzing for Detecting and Locating Timing Vulnerabilities in Processors
Authors:
Pallavi Borkar,
Chen Chen,
Mohamadreza Rostami,
Nikhilesh Singh,
Rahul Kande,
Ahmad-Reza Sadeghi,
Chester Rebeiro,
Jeyavijayan Rajendran
Abstract:
Timing vulnerabilities in processors have emerged as a potent threat. As processors are the foundation of any computing system, identifying these flaws is imperative. Recently fuzzing techniques, traditionally used for detecting software vulnerabilities, have shown promising results for uncovering vulnerabilities in large-scale hardware designs, such as processors. Researchers have adapted black-b…
▽ More
Timing vulnerabilities in processors have emerged as a potent threat. As processors are the foundation of any computing system, identifying these flaws is imperative. Recently fuzzing techniques, traditionally used for detecting software vulnerabilities, have shown promising results for uncovering vulnerabilities in large-scale hardware designs, such as processors. Researchers have adapted black-box or grey-box fuzzing to detect timing vulnerabilities in processors. However, they cannot identify the locations or root causes of these timing vulnerabilities, nor do they provide coverage feedback to enable the designer's confidence in the processor's security.
To address the deficiencies of the existing fuzzers, we present WhisperFuzz--the first white-box fuzzer with static analysis--aiming to detect and locate timing vulnerabilities in processors and evaluate the coverage of microarchitectural timing behaviors. WhisperFuzz uses the fundamental nature of processors' timing behaviors, microarchitectural state transitions, to localize timing vulnerabilities. WhisperFuzz automatically extracts microarchitectural state transitions from a processor design at the register-transfer level (RTL) and instruments the design to monitor the state transitions as coverage. Moreover, WhisperFuzz measures the time a design-under-test (DUT) takes to process tests, identifying any minor, abnormal variations that may hint at a timing vulnerability. WhisperFuzz detects 12 new timing vulnerabilities across advanced open-sourced RISC-V processors: BOOM, Rocket Core, and CVA6. Eight of these violate the zero latency requirements of the Zkt extension and are considered serious security vulnerabilities. Moreover, WhisperFuzz also pinpoints the locations of the new and the existing vulnerabilities.
△ Less
Submitted 14 March, 2024; v1 submitted 5 February, 2024;
originally announced February 2024.
-
A Survey of Security Concerns and Countermeasures in Modern Micro-architectures with Transient Execution
Authors:
Nikhilesh Singh,
Vinod Ganesan,
Chester Rebeiro
Abstract:
In the last two decades, the evolving cyber-threat landscape has brought to center stage the contentious tradeoffs between the security and performance of modern microprocessors. The guarantees provided by the hardware to ensure no violation of process boundaries have been shown to be breached in several real-world scenarios. While modern CPU features such as superscalar, out-of-order, simultaneou…
▽ More
In the last two decades, the evolving cyber-threat landscape has brought to center stage the contentious tradeoffs between the security and performance of modern microprocessors. The guarantees provided by the hardware to ensure no violation of process boundaries have been shown to be breached in several real-world scenarios. While modern CPU features such as superscalar, out-of-order, simultaneous multi-threading, and speculative execution play a critical role in boosting system performance, they are central for a potent class of security attacks termed transient micro-architectural attacks. These attacks leverage shared hardware resources in the CPU that are used during speculative and out-of-order execution to steal sensitive information. Researchers have used these attacks to read data from the Operating Systems (OS) and Trusted Execution Environments (TEE) and to even break hardware-enforced isolation.
Over the years, several variants of transient micro-architectural attacks have been developed. While each variant differs in the shared hardware resource used, the underlying attack follows a similar strategy. This paper presents a panoramic view of security concerns in modern CPUs, focusing on the mechanisms of these attacks and providing a classification of the variants. Further, we discuss state-of-the-art defense mechanisms towards mitigating these attacks.
△ Less
Submitted 25 May, 2023;
originally announced May 2023.
-
SUNDEW: An Ensemble of Predictors for Case-Sensitive Detection of Malware
Authors:
Sareena Karapoola,
Nikhilesh Singh,
Chester Rebeiro,
Kamakoti V
Abstract:
Malware programs are diverse, with varying objectives, functionalities, and threat levels ranging from mere pop-ups to financial losses. Consequently, their run-time footprints across the system differ, impacting the optimal data source (Network, Operating system (OS), Hardware) and features that are instrumental to malware detection. Further, the variations in threat levels of malware classes aff…
▽ More
Malware programs are diverse, with varying objectives, functionalities, and threat levels ranging from mere pop-ups to financial losses. Consequently, their run-time footprints across the system differ, impacting the optimal data source (Network, Operating system (OS), Hardware) and features that are instrumental to malware detection. Further, the variations in threat levels of malware classes affect the user requirements for detection. Thus, the optimal tuple of <data-source, features, user-requirements> is different for each malware class, impacting the state-of-the-art detection solutions that are agnostic to these subtle differences.
This paper presents SUNDEW, a framework to detect malware classes using their optimal tuple of <data-source, features, user-requirements>. SUNDEW uses an ensemble of specialized predictors, each trained with a particular data source (network, OS, and hardware) and tuned for features and requirements of a specific class. While the specialized ensemble with a holistic view across the system improves detection, aggregating the independent conflicting inferences from the different predictors is challenging. SUNDEW resolves such conflicts with a hierarchical aggregation considering the threat-level, noise in the data sources, and prior domain knowledge. We evaluate SUNDEW on a real-world dataset of over 10,000 malware samples from 8 classes. It achieves an F1-Score of one for most classes, with an average of 0.93 and a limited performance overhead of 1.5%.
△ Less
Submitted 14 November, 2022; v1 submitted 11 November, 2022;
originally announced November 2022.
-
Privacy-Preserving Decentralized Exchange Marketplaces
Authors:
Kavya Govindarajan,
Dhinakaran Vinayagamurthy,
Praveen Jayachandran,
Chester Rebeiro
Abstract:
Decentralized exchange markets leveraging blockchain have been proposed recently to provide open and equal access to traders, improve transparency and reduce systemic risk of centralized exchanges. However, they compromise on the privacy of traders with respect to their asset ownership, account balance, order details and their identity. In this paper, we present Rialto, a fully decentralized priva…
▽ More
Decentralized exchange markets leveraging blockchain have been proposed recently to provide open and equal access to traders, improve transparency and reduce systemic risk of centralized exchanges. However, they compromise on the privacy of traders with respect to their asset ownership, account balance, order details and their identity. In this paper, we present Rialto, a fully decentralized privacy-preserving exchange marketplace with support for matching trade orders, on-chain settlement and market price discovery. Rialto provides confidentiality of order rates and account balances and unlinkability between traders and their trade orders, while retaining the desirable properties of a traditional marketplace like front-running resilience and market fairness. We define formal security notions and present a security analysis of the marketplace. We perform a detailed evaluation of our solution, demonstrate that it scales well and is suitable for a large class of goods and financial instruments traded in modern exchange markets.
△ Less
Submitted 20 December, 2021; v1 submitted 30 November, 2021;
originally announced November 2021.
-
LEASH: Enhancing Micro-architectural Attack Detection with a Reactive Process Scheduler
Authors:
Nikhilesh Singh,
Chester Rebeiro
Abstract:
Micro-architectural attacks use information leaked through shared resources to break hardware-enforced isolation. These attacks have been used to steal private information ranging from cryptographic keys to privileged Operating System (OS) data in devices ranging from mobile phones to cloud servers. Most existing software countermeasures either have unacceptable overheads or considerable false pos…
▽ More
Micro-architectural attacks use information leaked through shared resources to break hardware-enforced isolation. These attacks have been used to steal private information ranging from cryptographic keys to privileged Operating System (OS) data in devices ranging from mobile phones to cloud servers. Most existing software countermeasures either have unacceptable overheads or considerable false positives. Further, they are designed for specific attacks and cannot readily adapt to new variants.
In this paper, we propose a framework called LEASH, which works from the OS scheduler to stymie micro-architectural attacks with minimal overheads, negligible impact of false positives, and is capable of handling a wide range of attacks. LEASH works by starving maliciously behaving threads at runtime, providing insufficient time and resources to carry out an attack. The CPU allocation for a falsely flagged thread found to be benign is boosted to minimize overheads. To demonstrate the framework, we modify Linux's Completely Fair Scheduler with LEASH and evaluate it with seven micro-architectural attacks ranging from Meltdown and Rowhammer to a TLB covert channel. The runtime overheads are evaluated with a range of real-world applications and found to be less than 1% on average.
△ Less
Submitted 20 September, 2021; v1 submitted 8 September, 2021;
originally announced September 2021.
-
SIGNED: A Challenge-Response Based Interrogation Scheme for Simultaneous Watermarking and Trojan Detection
Authors:
Abhishek Nair,
Patanjali SLPSK,
Chester Rebeiro,
Swarup Bhunia
Abstract:
The emergence of distributed manufacturing ecosystems for electronic hardware involving untrusted parties has given rise to diverse trust issues. In particular, IP piracy, overproduction, and hardware Trojan attacks pose significant threats to digital design manufacturers. Watermarking has been one of the solutions employed by the semiconductor industry to overcome many of the trust issues. Howeve…
▽ More
The emergence of distributed manufacturing ecosystems for electronic hardware involving untrusted parties has given rise to diverse trust issues. In particular, IP piracy, overproduction, and hardware Trojan attacks pose significant threats to digital design manufacturers. Watermarking has been one of the solutions employed by the semiconductor industry to overcome many of the trust issues. However, current watermarking techniques have low coverage, incur hardware overheads, and are vulnerable to removal or tampering attacks. Additionally, these watermarks cannot detect Trojan implantation attacks where an adversary alters a design for malicious purposes. We address these issues in our framework called SIGNED: Secure Lightweight Watermarking Scheme for Digital Designs.
SIGNED relies on a challenge-response protocol based interrogation scheme for generating the watermark. SIGNED identifies sensitive regions in the target netlist and samples them to form a compact signature that is representative of the functional and structural characteristics of a design. We show that this signature can be used to simultaneously verify, in a robust manner, the provenance of a design, as well as any malicious alterations to it at any stage during design process. We evaluate SIGNED on the ISCAS85 and ITC benchmark circuits and obtain a detection accuracy of 87.61\% even for modifications as low as 5-gates. We further demonstrate that SIGNED can benefit from integration with a logic locking solution, where it can achieve increased protection against removal/tempering attacks and incurs lower overhead through judicious reuse of the locking logic for watermark creation.
△ Less
Submitted 11 October, 2020;
originally announced October 2020.
-
SISSLE in consensus-based Ripple: Some Improvements in Speed, Security and Last Mile Connectivity
Authors:
Mayank Mundhra,
Chester Rebeiro
Abstract:
Cryptocurrencies are rapidly finding application in areas such as Real Time Gross Settlements and Payments. Ripple is a cryptocurrency that has gained prominence with banks and payment providers. It solves the Byzantine General's Problem with its Ripple Protocol Consensus Algorithm (RPCA), where each server maintains a list of servers, called the Unique Node List (UNL), that represents the network…
▽ More
Cryptocurrencies are rapidly finding application in areas such as Real Time Gross Settlements and Payments. Ripple is a cryptocurrency that has gained prominence with banks and payment providers. It solves the Byzantine General's Problem with its Ripple Protocol Consensus Algorithm (RPCA), where each server maintains a list of servers, called the Unique Node List (UNL), that represents the network for that server and will not collectively defraud it. The server believes that the network has come to a consensus when servers on the UNL come to a consensus on a transaction.
In this paper we improve Ripple to achieve better speed, security and last mile connectivity. We implement guidelines for resilience, robustness, improved security, and efficient information propagation (IP). We enhance the system to ensure that each server receives information from across the whole network rather than just from the UNL members. We introduce the paradigm of UNL overlap as a function of IP and the trust a server assigns to its own UNL. Our design makes it possible to identify and mitigate some malicious behaviours including attempts to fraudulently Double Spend or stall the system. We provide experimental evidence of the benefits of our approach over the current Ripple scheme. We observe $\geq 99.67\%$ reduction in opportunities for double spend attacks and censorship, $1.71x$ increase in fault tolerance to $\geq 34.21\%$ malicious nodes, $\geq 4.97x$ and $98.22x$ speedup and success rate for IP respectively, and $\geq 3.16x$ and $51.70x$ speedup and success rate in consensus respectively.
△ Less
Submitted 15 May, 2021; v1 submitted 4 August, 2020;
originally announced August 2020.
-
PARAM: A Microprocessor Hardened for Power Side-Channel Attack Resistance
Authors:
Muhammad Arsath K F,
Vinod Ganesan,
Rahul Bodduna,
Chester Rebeiro
Abstract:
The power consumption of a microprocessor is a huge channel for information leakage. While the most popular exploitation of this channel is to recover cryptographic keys from embedded devices, other applications such as mobile app fingerprinting, reverse engineering of firmware, and password recovery are growing threats. Countermeasures proposed so far are tuned to specific applications, such as c…
▽ More
The power consumption of a microprocessor is a huge channel for information leakage. While the most popular exploitation of this channel is to recover cryptographic keys from embedded devices, other applications such as mobile app fingerprinting, reverse engineering of firmware, and password recovery are growing threats. Countermeasures proposed so far are tuned to specific applications, such as crypto-implementations. They are not scalable to the large number and variety of applications that typically run on a general purpose microprocessor.
In this paper, we investigate the design of a microprocessor, called PARAM with increased resistance to power based side-channel attacks. To design PARAM, we start with identifying the most leaking modules in an open-source RISC V processor. We evaluate the leakage in these modules and then add suitable countermeasures. The countermeasures depend on the cause of leakage in each module and can vary from simple modifications of the HDL code ensuring secure translation by the EDA tools, to obfuscating data and address lines thus breaking correlation with the processor's power consumption. The resultant processor is instantiated on the SASEBO-GIII FPGA board and found to resist Differential Power Analysis even after one million power traces. Compared to contemporary countermeasures for power side-channel attacks, overheads in area and frequency are minimal.
△ Less
Submitted 20 November, 2019;
originally announced November 2019.
-
PERI: A Posit Enabled RISC-V Core
Authors:
Sugandha Tiwari,
Neel Gala,
Chester Rebeiro,
V. Kamakoti
Abstract:
Owing to the failure of Dennard's scaling the last decade has seen a steep growth of prominent new paradigms leveraging opportunities in computer architecture. Two technologies of interest are Posit and RISC-V. Posit was introduced in mid-2017 as a viable alternative to IEEE 754-2008. Posit promises more accuracy, higher dynamic range, and fewer unused states along with simpler hardware designs as…
▽ More
Owing to the failure of Dennard's scaling the last decade has seen a steep growth of prominent new paradigms leveraging opportunities in computer architecture. Two technologies of interest are Posit and RISC-V. Posit was introduced in mid-2017 as a viable alternative to IEEE 754-2008. Posit promises more accuracy, higher dynamic range, and fewer unused states along with simpler hardware designs as compared to IEEE 754-2008. RISC-V, on the other hand, provides a commercial-grade open-source ISA. It is not only elegant and simple but also highly extensible and customizable, thereby facilitating novel micro-architectural research and exploration. In this paper, we bring these two technologies together and propose the first Posit Enabled RISC-V core. The paper provides insights on how the current 'F' extension and the custom op-code space of RISC-V can be leveraged/modified to support Posit arithmetic. We also present implementation details of a parameterized and feature-complete Posit FPU which is integrated with the RISC-V compliant SHAKTI C-class core either as an execution unit or as an accelerator. To fully leverage the potential of Posit, we further enhance our Posit FPU, with minimal overheads, to support two different exponent sizes (with posit-size being 32-bits). This allows applications to switch from high-accuracy computation mode to a mode with higher dynamic-range at run-time. In the absence of viable software tool-chain to enable porting of applications in the Posit domain, we present a workaround on how certain applications can be modified minimally to exploit the existing RISC-V tool-chain. We also provide examples of applications which can perform better with Posit as compared to IEEE 754-2008. The proposed Posit FPU consumes 3507 slice LUTs and 1294 slice registers on an Artix-7-100T Xilinx FPGA while capable of operating at 100 MHz.
△ Less
Submitted 5 August, 2019;
originally announced August 2019.
-
GANDALF: A fine-grained hardware-software co-design for preventing memory attacks
Authors:
Gnanambikai Krishnakumar,
Patanjali SLPSK,
Prasanna Karthik Vairam,
Chester Rebeiro
Abstract:
Reading or writing outside the bounds of a buffer is a serious security vulnerability that has been exploited in numerous occasions. These attacks can be prevented by ensuring that every buffer is only accessed within its specified bounds. In this paper we present Gandalf, a compiler-assisted hardware extension for the OpenRISC processor that thwarts all forms of memory based attacks including buf…
▽ More
Reading or writing outside the bounds of a buffer is a serious security vulnerability that has been exploited in numerous occasions. These attacks can be prevented by ensuring that every buffer is only accessed within its specified bounds. In this paper we present Gandalf, a compiler-assisted hardware extension for the OpenRISC processor that thwarts all forms of memory based attacks including buffer overflows and over-reads.The feature associates lightweight base and bound capabilities to all pointer variables, which are checked at run time by the hardware. Gandalf is transparent to the user and does not require significant OS modifications. Moreover, it achieves locality, thus resulting in small performance penalties.
△ Less
Submitted 23 February, 2017;
originally announced February 2017.