ThermalBleed: A Practical Thermal Side-Channel Attack
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Kim, Taehun | - |
dc.contributor.author | Shin, Youngjoo | - |
dc.date.accessioned | 2022-04-02T07:40:35Z | - |
dc.date.available | 2022-04-02T07:40:35Z | - |
dc.date.created | 2022-04-01 | - |
dc.date.issued | 2022 | - |
dc.identifier.issn | 2169-3536 | - |
dc.identifier.uri | https://scholar.korea.ac.kr/handle/2021.sw.korea/139476 | - |
dc.description.abstract | Modern OSs expose an interface for monitoring CPU temperature to unprivileged users for effective user decision-based thermal management. Due to the low sampling rate and resolution, thermal sensors have generally been restricted to the construction of covert channels. However, exposing the thermal interface to unprivileged users may be problematic, because the heat emission inside a CPU core is affected by program execution on the core; an attacker may be able to infer the secret information of the program by exploiting the thermal interface as a side-channel. In this paper, we extensively analyze digital thermal sensors in Intel CPUs and show that it is possible to implement a software-based thermal side-channel attack. Specifically, by analyzing some properties of the thermal sensors, we inferred that the thermal sensor makes it possible to distinguish between a cache hit and a physical memory access in memory load operations. Based on the analysis results, we implement ThermalBleed, a thermal side-channel attack that breaks kernel address space layout randomization (KASLR) in Linux systems. Moreover, by conducting an in-depth analysis, we identify useful hidden properties of the Intel thermal sensors. Our analysis establishes a stepping stone to build a more precise and effective thermal side-channel attack in the future. To the best of our knowledge, this is the first work that extends a thermal covert channel to a practical side-channel attack by exploring the properties of Intel digital thermal sensors. | - |
dc.language | English | - |
dc.language.iso | en | - |
dc.publisher | IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC | - |
dc.title | ThermalBleed: A Practical Thermal Side-Channel Attack | - |
dc.type | Article | - |
dc.contributor.affiliatedAuthor | Shin, Youngjoo | - |
dc.identifier.doi | 10.1109/ACCESS.2022.3156596 | - |
dc.identifier.scopusid | 2-s2.0-85125754248 | - |
dc.identifier.wosid | 000767816700001 | - |
dc.identifier.bibliographicCitation | IEEE ACCESS, v.10, pp.25718 - 25731 | - |
dc.relation.isPartOf | IEEE ACCESS | - |
dc.citation.title | IEEE ACCESS | - |
dc.citation.volume | 10 | - |
dc.citation.startPage | 25718 | - |
dc.citation.endPage | 25731 | - |
dc.type.rims | ART | - |
dc.type.docType | Article | - |
dc.description.journalClass | 1 | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | scopus | - |
dc.relation.journalResearchArea | Computer Science | - |
dc.relation.journalResearchArea | Engineering | - |
dc.relation.journalResearchArea | Telecommunications | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
dc.relation.journalWebOfScienceCategory | Engineering, Electrical & Electronic | - |
dc.relation.journalWebOfScienceCategory | Telecommunications | - |
dc.subject.keywordAuthor | Thermal analysis | - |
dc.subject.keywordAuthor | Temperature sensors | - |
dc.subject.keywordAuthor | Side-channel attacks | - |
dc.subject.keywordAuthor | Monitoring | - |
dc.subject.keywordAuthor | Temperature measurement | - |
dc.subject.keywordAuthor | Linux | - |
dc.subject.keywordAuthor | Kernel | - |
dc.subject.keywordAuthor | Breaking KASLR | - |
dc.subject.keywordAuthor | digital thermal sensor | - |
dc.subject.keywordAuthor | thermal side-channel attack | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
145 Anam-ro, Seongbuk-gu, Seoul, 02841, Korea+82-2-3290-2963
COPYRIGHT © 2021 Korea University. All Rights Reserved.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.