LAUSR

Cross-core cache timing side-channel attacks, which observe cache access behavior of victims running on different physical cores to infer sensitive information, have become a significant threat. Although the attacks are covert, they cause the attacked cachelines to frequently migrate among cache hierarchies, rendering abnormal traffic. Based on this observation, the proposed scheme PiPoMonitor records cache-memory access traffic and prefetch suspicious lines under attack to interfere with adversaries’ probes. In pursuit of security and performance, PiPoMonitor exploits a Cuckoo filter as the recording structure and introduces two features to it: 1) autonomic deletion and 2) relocation accelerating. The former exponentially increases the uncertainty of record eviction against reverse engineering attacks, while the latter leverages a pipelined architecture to alleviate the impact of intensive filter queries on the memory critical path. PiPoMonitor is not only able to effectively mitigate cross-core cache attacks and defeat sophisticated defense-aware attackers but also induces a negligible performance penalty and acceptable hardware overhead.