Abstract

To protect software systems from attacks, ARM introduced a hardware security extension known as TrustZone. TrustZone provides an isolated execution environment, which can be used to deploy various memory integrity and malware detection tools. However, a new type of rootkit, namely CacheKit, can exploit cache incoherency and cache locking mechanisms in TrustZone to hide itself from such inspections. Therefore, it is imperative to design a new approach to ensure the correct use of cache locking and prevent malicious code from being hidden in the cache. In this paper, we present CacheLight, which leverages the TrustZone and Virtualization extensions of the ARM architecture to allow the system to continue to securely provide these hardware facilities to users while preventing attackers from exploiting them. CacheLight restricts the ability to lock the cache to the Secure World of the processor such that the Normal World can still request certain memory to be locked into the cache by the secure operating system (OS) through a Secure Monitor Call (SMC). This grants the secure OS the power to verify and validate the information that will be locked in the requested cache way thereby ensuring that any data that remains in the cache will not be inconsistent with what exists in main memory for inspection. Malicious attempts to hide data can be prevented and recovered for analysis while legitimate requests can still generate valid entries in the cache.

Original language: English (US)
Title of host publication: ASHES 2018 - Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security, co-located with CCS 2018
Publisher: Association for Computing Machinery
Pages: 65-74
Number of pages: 10
ISBN (Electronic): 9781450359962
State: Published - Oct 15 2018
Event: 2nd Workshop on Attacks and Solutions in Hardware Security, ASHES 2018, in conjunction with the 25th ACM Conference on Computer and Communications Security, CCS 2018 - Toronto, Canada
Duration: Oct 19 2018 → …

Other

Other: 2nd Workshop on Attacks and Solutions in Hardware Security, ASHES 2018, in conjunction with the 25th ACM Conference on Computer and Communications Security, CCS 2018
Country: Canada
City: Toronto
Period: 10/19/18 → …

Fingerprint

Data storage equipment
Inspection
Hardware
Malware
Hardware security
Virtualization

Keywords

  • Cache Locking
  • Embedded Systems Security
  • Hardware Assisted Security
  • Rootkit Defense
  • TrustZone

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications

Cite this

Gutierrez, M., Zhao, Z., Doupe, A., Shoshitaishvili, Y., & Ahn, G-J. (2018). CacheLight: Defeating the cachekit attack. In ASHES 2018 - Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security, co-located with CCS 2018 (pp. 65-74). Association for Computing Machinery. https://doi.org/10.1145/3266444.3266449

CacheLight: Defeating the cachekit attack. / Gutierrez, Mauricio; Zhao, Ziming; Doupe, Adam; Shoshitaishvili, Yan; Ahn, Gail-Joon.


Research output: Chapter in Book/Report/Conference proceeding › Conference contribution
