Runtime Randomized Relocation of Crypto Libraries for Mitigating Cache Attacks
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Shin, Youngjoo | - |
dc.contributor.author | Yun, Joobeom | - |
dc.date.accessioned | 2022-03-12T07:41:06Z | - |
dc.date.available | 2022-03-12T07:41:06Z | - |
dc.date.created | 2022-01-20 | - |
dc.date.issued | 2021 | - |
dc.identifier.issn | 2169-3536 | - |
dc.identifier.uri | https://scholar.korea.ac.kr/handle/2021.sw.korea/138702 | - |
dc.description.abstract | Crypto libraries such as OpenSSL and Libgcrypt are essential building blocks for implementing secure cloud services. Unfortunately, these libraries are subject to cache side-channel attacks, which are more devastating in cloud environments where inevitable cache contention among different tenants occurs. Previous approaches for mitigating cache side-channel attacks have limitations in terms of the deployability and security; these hinder utilization in cloud services. In this paper, we propose an R2-relocator, a novel library protection technique based on moving target defence. When injected into a running process, the R2-relocator performs randomized relocation of the library during runtime. By doing this, it transforms a vulnerable crypto library into one that randomly changes its memory (cache) location, thereby preventing the delivery of cache side-channel attacks against the library. The proposed technique achieves robust protection against cache side-channel attacks for all crypto libraries, even those containing unpatched critical vulnerabilities, without the need for reconfiguration of the library. Extensive evaluations of security, performance, and deployability of the R2-relocator demonstrate its effectiveness for secure cloud services. | - |
dc.language | English | - |
dc.language.iso | en | - |
dc.publisher | IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC | - |
dc.title | Runtime Randomized Relocation of Crypto Libraries for Mitigating Cache Attacks | - |
dc.type | Article | - |
dc.contributor.affiliatedAuthor | Shin, Youngjoo | - |
dc.identifier.doi | 10.1109/ACCESS.2021.3101638 | - |
dc.identifier.scopusid | 2-s2.0-85111574479 | - |
dc.identifier.wosid | 000683996600001 | - |
dc.identifier.bibliographicCitation | IEEE ACCESS, v.9, pp.108851 - 108860 | - |
dc.relation.isPartOf | IEEE ACCESS | - |
dc.citation.title | IEEE ACCESS | - |
dc.citation.volume | 9 | - |
dc.citation.startPage | 108851 | - |
dc.citation.endPage | 108860 | - |
dc.type.rims | ART | - |
dc.type.docType | Article | - |
dc.description.journalClass | 1 | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | scopus | - |
dc.relation.journalResearchArea | Computer Science | - |
dc.relation.journalResearchArea | Engineering | - |
dc.relation.journalResearchArea | Telecommunications | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
dc.relation.journalWebOfScienceCategory | Engineering, Electrical & Electronic | - |
dc.relation.journalWebOfScienceCategory | Telecommunications | - |
dc.subject.keywordAuthor | Cache side-channel attack | - |
dc.subject.keywordAuthor | Cloud computing | - |
dc.subject.keywordAuthor | Computer bugs | - |
dc.subject.keywordAuthor | Cryptography | - |
dc.subject.keywordAuthor | Libraries | - |
dc.subject.keywordAuthor | Runtime | - |
dc.subject.keywordAuthor | Security | - |
dc.subject.keywordAuthor | Side-channel attacks | - |
dc.subject.keywordAuthor | attack mitigation | - |
dc.subject.keywordAuthor | crypto library | - |
dc.subject.keywordAuthor | moving target defence | - |
dc.subject.keywordAuthor | secure cloud computing | - |