Detecting Covert Timing Channels with Time-Deterministic Replay

Loading...
Thumbnail Image
Penn collection
Departmental Papers (CIS)
Degree type
Discipline
Subject
CPS Real-Time
Computer Engineering
Computer Sciences
Funder
Grant number
License
Copyright date
Distributor
Related resources
Author
Moore, W. Brad
Xiao, Hanjun
Sherr, Micah
Zhou, Wenchao
Contributor
Abstract

This paper presents a mechanism called timedeterministic replay (TDR) that can reproduce the execution of a program, including its precise timing. Without TDR, reproducing the timing of an execution is difficult because there are many sources of timing variability – such as preemptions, hardware interrupts, cache effects, scheduling decisions, etc. TDR uses a combination of techniques to either mitigate or eliminate most of these sources of variability. Using a prototype implementation of TDR in a Java Virtual Machine, we show that it is possible to reproduce the timing to within 1.85% of the original execution, even on commodity hardware. The paper discusses several potential applications of TDR, and studies one of them in detail: the detection of a covert timing channel. Timing channels can be used to exfiltrate information from a compromised machine; they work by subtly varying the timing of the machine’s outputs, and it is this variation that can be detected with TDR. Unlike prior solutions, which generally look for a specific type of timing channel, our approach can detect a wide variety of channels with high accuracy.

Advisor
Date of presentation
2014-10-01
Conference name
Departmental Papers (CIS)
Conference dates
2023-05-17T12:34:17.000
Conference location
Date Range for Data Collection (Start Date)
Date Range for Data Collection (End Date)
Digital Object Identifier
Series name and number
Volume number
Issue number
Publisher
Publisher DOI
Journal Issue
Comments
11th USENIX Symposium on Operating Systems Design and Implementation (OSDI)(https://www.usenix.org/conference/osdi14), Broomfield, CO, October 2014.
Recommended citation
Collection