Page Cache Attacks

Daniel Gruss, Erik Kraft, Trishita Tiwari, Michael Schwarz, Ari Trachtenberg, Jason Hennessey, Alex Ionescu, Anders Fogh

Publikation: Beitrag in Buch/Bericht/KonferenzbandBeitrag in einem KonferenzbandForschungBegutachtung

Abstract

We present a new side-channel attack that targets one of the most fundamental software caches in modern computer systems: the operating system page cache. The page cache is a pure software cache that contains all disk-backed pages, including program binaries, shared libraries, and other files. On Windows, dynamic pages are also part of this cache and can be attacked as well, e.g., data, heap, and stacks. Our side channel permits unprivileged monitoring of accesses to these pages of other processes, with a spatial resolution of 4KB and a temporal resolution of 2µs on Linux (≤ 6.7 measurements per second), and 466ns on Windows 10 (≤ 223 measurements per second). We systematically analyze the side channel by demonstrating different hardware-agnostic local attacks, including a sandbox-bypassing high-speed covert channel, an ASLR break on Windows 10, and various information leakages that can be used for targeted extortion, spam campaigns, and more directly for UI redressing attacks. We also show that, as with hardware cache attacks, we can attack the generation of temporary passwords on vulnerable cryptographic implementations. Our hardware-agnostic attacks can be mitigated with our proposed security patches, but the basic side channel remains exploitable via timing measurements. We demonstrate this with a remote covert channel exfiltrating information from a colluding process through innocuous server requests.
Originalspracheenglisch
TitelCCS 2019 - Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security
Herausgeber (Verlag)ACM/IEEE
Seiten167-180
ISBN (elektronisch) 978-1-4503-6747-9
DOIs
PublikationsstatusVeröffentlicht - 12 Nov 2019
VeranstaltungACM CCS 2019: 26th ACM Conference on Computer and Communications Security - London, Großbritannien / Vereinigtes Königreich
Dauer: 11 Nov 201915 Nov 2019

Konferenz

KonferenzACM CCS 2019
LandGroßbritannien / Vereinigtes Königreich
OrtLondon
Zeitraum11/11/1915/11/19

    Fingerprint

Schlagwörter

    Dieses zitieren

    Gruss, D., Kraft, E., Tiwari, T., Schwarz, M., Trachtenberg, A., Hennessey, J., ... Fogh, A. (2019). Page Cache Attacks. in CCS 2019 - Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security (S. 167-180). ACM/IEEE. https://doi.org/10.1145/3319535.3339809