Robust and Scalable Process Isolation against Spectre in the Cloud

Martin Schwarzl, Pietro Borrello, Andreas Kogler, Kenton Varda, Thomas Schuster, Michael Schwarz, Daniel Gruss

Research output: Contribution to conference (Paper, peer-review)

Abstract

In the quest for efficiency and performance, edge-computing providers replace process isolation with sandboxes, to support a high number of tenants per machine.
While secure against software vulnerabilities, microarchitectural attacks can bypass these sandboxes.

In this paper, we present a Spectre attack leaking secrets from co-located tenants in edge computing.
Our remote Spectre attack, using amplification techniques and a remote timing server, leaks 2 bit/min.
This motivates our main contribution, DyPrIs, a scalable process-isolation mechanism that only isolates suspicious worker scripts following a lightweight detection mechanism.
In the worst case, DyPrIs boils down to process isolation.
Our proof-of-concept implementation augments real-world cloud infrastructure used in production at large scale, Cloudflare Workers.
With a false-positive rate of only 0.61 %, we demonstrate that DyPrIs outperforms strict process isolation while statistically maintaining its security guarantees, fully mitigating cross-tenant Spectre attacks.

Original language: English
Number of pages: 20
Publication status: Published - 26 Sep 2022
Event: ESORICS 2022: 27th European Symposium on Research in Computer Security - Kopenhagen, Denmark
Duration: 26 Sep 2022 to 30 Sep 2022

Conference

Conference: ESORICS 2022
Country/Territory: Denmark
City: Kopenhagen
Period: 26/09/22 to 30/09/22

Keywords

  • Transient-execution attacks
  • Remote Timing Attacks
  • Side-Channel Mitigations
