Addressing Cache Side-Channel Attacks Using Taint-Guided Fine-Grained Computation Offloading in Near-Memory Processing
摘要
With the growing demand for resource-intensive applications and the rising popularity of cloud computing, resource sharing has become a standard practice, primarily aimed at enhancing system performance. However, this sharing introduces multiple vulnerabilities, including cache side-channel attacks. Such attacks exploit shared cache states to infer sensitive information, posing a significant threat to the confidentiality of security-critical applications. Although a number of mitigation techniques have been proposed, each has its own limitations. This paper presents a novel strategy, TaintOff, a compiler-assisted defense mechanism that employs taint analysis to automatically track the propagation of secret data and utilizes the near-memory processing (NMP) paradigm to mitigate cache-side-channel attacks by restricting the use of shared cache memory. The strategy begins by annotating secret inputs as tainted and propagating these taints through whole program analysis to identify the secure regions of an application at a finer granularity. The proposed strategy offloads fine-grained secure code regions to the NMP cores, while non-secure application regions are executed on the multicore processor. Experimental evaluations, conducted using a set of standard simulators for a wide range of applications from different domains, demonstrate the effectiveness of our proposed strategy TaintOff, achieving a significant speedup of 1.86x (maximum) and 3.45x reduction in energy consumption (maximum), along with security guarantees. TaintOff outperforms the state-of-the-art strategy (SOAS) both in performance and energy consumption as it offloads 20% (overall) fewer instructions than SOAS to the low-end NMP cores.