|Title:||Hiding in Plain Sight: Timing Channels on the Memory Subsystem and Mitigations|
|Master:||Computer Systems and Security|
|Student name:||Floris Kroon|
|Second supervisor:||Cristiano Giuffrida|
|Second reader:||Kaveh Razavi|
Covert and side channels have received a lot of attention in recent years, with many new types of information leaks, attack vectors and attack techniques being introduced regularly. Research has shown capabilities ranging from breaking ASLR to transferring information with bandwidths of more than one megabit per second, or leaking cryptographic keys in mere minutes, even defying the strong isolation boundaries between virtual machines. The most prevalent covert and side channels are based on timing, the so-called timing channels. Many of these timing channels take place in the memory subsystem: in caches, in DRAM or on the memory bus.
Many mitigations have been proposed, ranging from microarchitectural changes to migrating VMs to limit the amount of time two VMs can be co-resident. Many of these mitigations have severe limitations in applicability or security guarantees, and some even open timing channels of their own. Timing channels based on deduplication have led cloud providers to turn off deduplication, nullifying the vast benefits it can offer.
This paper provides an extensive overview of research on various types of timing channels in the memory subsystem, as well as a study of mitigations and new timing channels. Furthermore, it provides a comprehensive analysis of the trade-off between the security implications and potential profits of deduplication. Our analysis provides practical recommendations for finding the sweet spot of this trade-off.