- Library Home /
- Search Collections /
- Open Collections /
- Browse Collections /
- UBC Undergraduate Research /
- Defenses for main memory systems using memory controllers
Open Collections
UBC Undergraduate Research
Defenses for main memory systems using memory controllers Wang, Bolin
Abstract
Main memories are a key shared resource within modern computing systems. This thesis shows that memory controllers are prone to side/covert-channel vulnerabilities. The first vulnerability, called Drip-R, exploits the fact that row-buffer hits and misses incur different latency for the memory controller. The second vulnerability, called Drip-Q, leverages the read queue contention within the memory controller to fabricate differential latency. These differential latencies act as side/covert –channels and can be used to leak or receive data from other processes. To overcome these vulnerabilities, this thesis proposes two secure and high performance scheduling policies called Plumber-R and Plumber-Q, respectively. These policies work on the insight that request scheduling can be split into isolated epochs. We show that epochs can prevent the creation of side-channels within the memory controller and prohibit the attacker processes from leaking or receiving data using side-channels. Furthermore, within each isolated epoch, the memory requests can take advantage of row-buffer hits and improve performance. Our experiments show that, on average, Plumber-R and Plumber-Q provide 29% and 41% speedup over the prior state-of-the-art scheduling policies Close Page and Fixed Service.
Item Metadata
| Title |
Defenses for main memory systems using memory controllers
|
| Creator | |
| Date Issued |
2019-12-03
|
| Description |
Main memories are a key shared resource within modern computing systems. This thesis shows that memory controllers are prone to side/covert-channel vulnerabilities. The first vulnerability, called Drip-R, exploits the fact that row-buffer hits and misses incur different latency for the memory controller. The second vulnerability, called Drip-Q, leverages the read queue contention within the memory controller to fabricate differential latency. These differential latencies act as side/covert –channels and can be used to leak or receive data from other processes.
To overcome these vulnerabilities, this thesis proposes two secure and high performance scheduling policies called Plumber-R and Plumber-Q, respectively. These policies work on the insight that request scheduling can be split into isolated epochs.
We show that epochs can prevent the creation of side-channels within the memory controller and prohibit the attacker processes from leaking or receiving data using side-channels. Furthermore, within each isolated epoch, the memory requests can take advantage of row-buffer hits and improve performance. Our experiments show that, on average, Plumber-R and Plumber-Q provide 29% and 41% speedup over the prior state-of-the-art scheduling policies Close Page and Fixed Service.
|
| Genre | |
| Type | |
| Language |
eng
|
| Series | |
| Date Available |
2019-12-03
|
| Provider |
Vancouver : University of British Columbia Library
|
| Rights |
Attribution-NonCommercial-NoDerivatives 4.0 International
|
| DOI |
10.14288/1.0386728
|
| URI | |
| Affiliation | |
| Peer Review Status |
Unreviewed
|
| Scholarly Level |
Undergraduate
|
| Rights URI | |
| Aggregated Source Repository |
DSpace
|
Item Media
Item Citations and Data
Rights
Attribution-NonCommercial-NoDerivatives 4.0 International