TitleEfficient Timing Channel Protection for On-Chip Networks Yao Wang and G. Edward Suh Cornell University.

Slides:



Advertisements
Similar presentations
Adaptive Backpressure: Efficient Buffer Management for On-Chip Networks Daniel U. Becker, Nan Jiang, George Michelogiannakis, William J. Dally Stanford.
Advertisements

Making Time-stepped Applications Tick in the Cloud Tao Zou, Guozhang Wang, Marcos Vaz Salles*, David Bindel, Alan Demers, Johannes Gehrke, Walker White.
VSMC MIMO: A Spectral Efficient Scheme for Cooperative Relay in Cognitive Radio Networks 1.
1 Hardware Support for Isolation Krste Asanovic U.C. Berkeley MURI “DHOSA” Site Visit April 28, 2011.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—8-1 MPLS TE Overview Introducing the TE Concept.
REAL-TIME COMMUNICATION ANALYSIS FOR NOCS WITH WORMHOLE SWITCHING Presented by Sina Gholamian, 1 09/11/2011.
 Alexandra Constantin  James Cook  Anindya De Computer Science, UC Berkeley.
A Flexible Model for Resource Management in Virtual Private Networks Presenter: Huang, Rigao Kang, Yuefang.
Technion – Israel Institute of Technology Qualcomm Corp. Research and Development, San Diego, California Leveraging Application-Level Requirements in the.
Reporter: Bo-Yi Shiu Date: 2011/05/27 Virtual Point-to-Point Connections for NoCs Mehdi Modarressi, Arash Tavakkol, and Hamid Sarbazi- Azad IEEE TRANSACTIONS.
Allocator Implementations for Network-on-Chip Routers Daniel U. Becker and William J. Dally Concurrent VLSI Architecture Group Stanford University.
Network based System on Chip Final Presentation Part B Performed by: Medvedev Alexey Supervisor: Walter Isaschar (Zigmond) Winter-Spring 2006.
Network based System on Chip Part A Performed by: Medvedev Alexey Supervisor: Walter Isaschar (Zigmond) Winter-Spring 2006.
Lei Wang, Yuho Jin, Hyungjun Kim and Eun Jung Kim
Predictive Load Balancing Reconfigurable Computing Group.
Rotary Router : An Efficient Architecture for CMP Interconnection Networks Pablo Abad, Valentín Puente, Pablo Prieto, and Jose Angel Gregorio University.
Yinglei Wang, Wing-kei Yu, Sarah Q. Xu, Edwin Kan, and G. Edward Suh Cornell University Tuan Tran.
Performance and Power Efficient On-Chip Communication Using Adaptive Virtual Point-to-Point Connections M. Modarressi, H. Sarbazi-Azad, and A. Tavakkol.
Localized Asynchronous Packet Scheduling for Buffered Crossbar Switches Deng Pan and Yuanyuan Yang State University of New York Stony Brook.
McRouter: Multicast within a Router for High Performance NoCs
Power Issues in On-chip Interconnection Networks Mojtaba Amiri Nov. 5, 2009.
High-Performance Networks for Dataflow Architectures Pravin Bhat Andrew Putnam.
Elastic-Buffer Flow-Control for On-Chip Networks
Networks-on-Chips (NoCs) Basics
A Scalable Bandwidth Management Architecture for Supporting VoIP Applications Using Bandwidth Broker Zhenhai Duan, Zhi-Li Zhang University of Minnesota.
QoS Support in High-Speed, Wormhole Routing Networks Mario Gerla, B. Kannan, Bruce Kwan, Prasasth Palanti,Simon Walton.
IVEC: Off-Chip Memory Integrity Protection for Both Security and Reliability Ruirui Huang, G. Edward Suh Cornell University.
LIBRA: Multi-mode On-Chip Network Arbitration for Locality-Oblivious Task Placement Gwangsun Kim Computer Science Department Korea Advanced Institute of.
Timing Channel Protection for a Shared Memory Controller Yao Wang, Andrew Ferraiuolo, G. Edward Suh Feb 17 th 2014.
Improving Capacity and Flexibility of Wireless Mesh Networks by Interface Switching Yunxia Feng, Minglu Li and Min-You Wu Presented by: Yunxia Feng Dept.
Exploiting Program Hotspots and Code Sequentiality for Instruction Cache Leakage Management J. S. Hu, A. Nadgir, N. Vijaykrishnan, M. J. Irwin, M. Kandemir.
Ramazan Bitirgen, Engin Ipek and Jose F.Martinez MICRO’08 Presented by PAK,EUNJI Coordinated Management of Multiple Interacting Resources in Chip Multiprocessors.
Tessellation: Space-Time Partitioning in a Manycore Client OS Rose Liu 1,2, Kevin Klues 1, Sarah Bird 1, Steven Hofmeyr 3, Krste Asanovic 1, John Kubiatowicz.
George Michelogiannakis, Prof. William J. Dally Concurrent architecture & VLSI group Stanford University Elastic Buffer Flow Control for On-chip Networks.
Presenter: Min-Yu Lo 2015/10/19 Asit K. Mishra, N. Vijaykrishnan, Chita R. Das Computer Architecture (ISCA), th Annual International Symposium on.
O1TURN : Near-Optimal Worst-Case Throughput Routing for 2D-Mesh Networks DaeHo Seo, Akif Ali, WonTaek Lim Nauman Rafique, Mithuna Thottethodi School of.
Quantifying and Improving I/O Predictability in Virtualized Systems Cheng Li, Inigo Goiri, Abhishek Bhattacharjee, Ricardo Bianchini, Thu D. Nguyen 1.
Analysis and Optimization of Mixed-Criticality Applications on Partitioned Distributed Architectures Domițian Tămaș-Selicean, Sorin Ovidiu Marinescu and.
ISLIP Switch Scheduler Ali Mohammad Zareh Bidoki April 2002.
1 Integrating security in a quality aware multimedia delivery platform Paul Koster 21 november 2001.
Lecture 20 Page 1 Advanced Network Security Basic Approaches to DDoS Defense Advanced Network Security Peter Reiher August, 2014.
Run-time Adaptive on-chip Communication Scheme 林孟諭 Dept. of Electrical Engineering National Cheng Kung University Tainan, Taiwan, R.O.C.
Yu Cai Ken Mai Onur Mutlu
Managing Distributed, Shared L2 Caches through OS-Level Page Allocation Sangyeun Cho and Lei Jin Dept. of Computer Science University of Pittsburgh.
A Memory-hierarchy Conscious and Self-tunable Sorting Library To appear in 2004 International Symposium on Code Generation and Optimization (CGO ’ 04)
Efficient Microarchitecture for Network-on-Chip Routers
Advanced Processor Group The School of Computer Science A Dynamic Link Allocation Router Wei Song, Doug Edwards Advanced Processor Group The University.
By Islam Atta Supervised by Dr. Ihab Talkhan
Topology-aware QOS Support in Highly Integrated CMPs Boris Grot (UT-Austin) Stephen W. Keckler (NVIDIA/UT-Austin) Onur Mutlu (CMU) WIOSCA '10.
Virtual-Channel Flow Control William J. Dally
ECE 720T5 Fall 2012 Cyber-Physical Systems Rodolfo Pellizzoni.
Predictive High-Performance Architecture Research Mavens (PHARM), Department of ECE The NoX Router Mitchell Hayenga Mikko Lipasti.
Boris Grot, Joel Hestness, Stephen W. Keckler 1 The University of Texas at Austin 1 NVIDIA Research Onur Mutlu Carnegie Mellon University.
HAT: Heterogeneous Adaptive Throttling for On-Chip Networks Kevin Kai-Wei Chang Rachata Ausavarungnirun Chris Fallin Onur Mutlu.
On-time Network On-Chip: Analysis and Architecture CS252 Project Presentation Dai Bui.
Secure Dynamic Memory Scheduling against Timing Channel Attacks
University of Maryland College Park
Architecture and Algorithms for an IEEE 802
Xiaodong Wang, Shuang Chen, Jeff Setter,
New Cache Designs for Thwarting Cache-based Side Channel Attacks
Chapter 9 – Real Memory Organization and Management
Pablo Abad, Pablo Prieto, Valentin Puente, Jose-Angel Gregorio
Rahul Boyapati. , Jiayi Huang
Complexity effective memory access scheduling for many-core accelerator architectures Zhang Liang.
CS 258 Reading Assignment 4 Discussion Exploiting Two-Case Delivery for Fast Protected Messages Bill Kramer February 13, 2002 #
On-time Network On-chip
Natalie Enright Jerger, Li Shiuan Peh, and Mikko Lipasti
Maria Méndez Real, Vincent Migliore, Vianney Lapotre, Guy Gogniat
Towards Predictable Datacenter Networks
Presentation transcript:

TitleEfficient Timing Channel Protection for On-Chip Networks Yao Wang and G. Edward Suh Cornell University

TitleEfficient Timing Channel Protection for On-Chip Networks  Future large-scale multi-cores will be shared among multiple applications / virtual machines On-Chip Networks are Shared Resources NOCS 20122/21 Virtual Machine A Virtual Machine B

TitleEfficient Timing Channel Protection for On-Chip Networks Problem: Timing Channels  Shared NoC causes interference NOCS 20123/21 Virtual Machine A Virtual Machine B  Network interference introduces timing channels Side channel Covert channel  High assurance systems requires security guarantee Example: Corporate virtual machines on the cloud

TitleEfficient Timing Channel Protection for On-Chip Networks RSA Example  RSA : a public key cryptographic algorithm Prone to timing channel attacks NOCS 20124/21 Core 0 MC 0 Core 1 MC 1 Core 2 MC 2 Crossbar RSAAttacker key: 0110…

TitleEfficient Timing Channel Protection for On-Chip Networks RSA Example  RSA : a public key cryptographic algorithm Prone to timing channel attacks NOCS 20125/21

TitleEfficient Timing Channel Protection for On-Chip Networks Outline  Objective: Eliminate timing channels through the shared on-chip networks Completely eliminate information leakage Low performance overhead  Rest of the talk Potential approaches Our solution Evaluation Related work Conclusion NOCS 20126/21

TitleEfficient Timing Channel Protection for On-Chip Networks Use Quality-of-Service?  QoS techniques provide performance isolation to different network flows  QoS techniques are not enough for security A flow can use bandwidth beyond its allocation Bandwidth utilization reveals the flow demand NOCS 20127/21 Flow A Demand Flow B Demand Flow A BW utilization 100% 0% 12 A B Bandwidth allocation A: 50% B: 50% 50% 100%

TitleEfficient Timing Channel Protection for On-Chip Networks Static Partitioning  To eliminate timing channels, resource allocation cannot depend on run-time demands  Static partitioning Spatial Network Partitioning (SNP) Temporal Network Partitioning (TNP)  Completely eliminate the timing channels High performance overhead NOCS 20128/21 SNPTNP Cycle 0 Cycle 1 … VM A VM B

TitleEfficient Timing Channel Protection for On-Chip Networks One-Way Information Leak Protection  Usually only one-way information protection is needed Multi-level security (MLS) model  One-way protection is the key for efficient timing channel protection NOCS 20129/21 Personal APP (Music Player) Business App (Bank Management) Regular VM Corporate VM Low-Security Domain High-Security Domain Information flow PC Cloud Computing In general

TitleEfficient Timing Channel Protection for On-Chip Networks Timing Channel through NoC NOCS /21 HS demand 01 1 LS throughput HS: High-Security Domain LS: Low-Security Domain HS ---> LS

TitleEfficient Timing Channel Protection for On-Chip Networks  Reversed Priority Assign high priority to low-security domain The behavior (throughput, latency) of low-security domain is not affected by high-security domain  Static Limits Low-security domain could initialize Denial-of-Service (DoS) attack Static limit controls the amount of traffic that low-security domain can send during a certain interval Reversed Priority with Static Limits (RPSL) NOCS /21

TitleEfficient Timing Channel Protection for On-Chip Networks Implementation: Avoid Interference  Priority-based separable allocator Input arbiter & Output arbiter  Static virtual channel allocation Avoid head-of-line blocking NOCS /21 Router Virtual Channels Input link Low-security Domain High-security Domain

TitleEfficient Timing Channel Protection for On-Chip Networks  Static limit control mechanism Counter & Control logic  Apply to both input and output arbiter Implementation: Avoid DoS NOCS /21 Priority- based Arbiter Counter Requests Winning Request Static limit Control Low-security Domain High-security Domain Input Arbiter

TitleEfficient Timing Channel Protection for On-Chip Networks Benefits of One-Way Protection NOCS /21 Time BW Utilization Total BW HS LS Round-robin Allocator LS HS Time BW Utilization Total BW HS LS Temporal Network Partitioning LS HS Time BW Utilization Total BW HS LS HS RPSL 12 LS HS

TitleEfficient Timing Channel Protection for On-Chip Networks Experimental Setup  Goals of experiments Timing channel protection DoS protection Performance overhead  Darsim: cycle-level NoC simulator  Comparison of three schemes Round-robin allocator (ISLIP) Temporal Network Partitioning (TNP) Reversed Priority with Static Limits (RPSL) NOCS /21

TitleEfficient Timing Channel Protection for On-Chip Networks Timing Channel: No Protection  Simple network  Round-robin allocator NOCS / Low-security Domain High-security Domain HS LS

TitleEfficient Timing Channel Protection for On-Chip Networks Timing Channel: Two-way Protection  Simple network  Temporal Network Partitioning NOCS / Low-security Domain High-security Domain HS LS 0.4/1.0

TitleEfficient Timing Channel Protection for On-Chip Networks Timing Channel: One-way Protection  Simple network  Reversed Priority with Static Limits (Static limit = 0.8) NOCS / Low-security Domain High-security Domain HS LS 1.0/1.0

TitleEfficient Timing Channel Protection for On-Chip Networks Performance  Applications show bursty traffic  RPSL is efficient for bursty traffic NOCS /21 HIGH LOW

TitleEfficient Timing Channel Protection for On-Chip Networks Related Work  Side-channel protection Shared resources are prone to side-channel attacks, e.g. shared caches, branch prediction Cannot be applied to NoC  QoS schemes Allows resource usage beyond allocation Insufficient to prevent timing channel attacks  Composability Remove interference between applications for fast integration Require bi-directional non-interference, incur high performance overhead NOCS /21

TitleEfficient Timing Channel Protection for On-Chip Networks Conclusion  Shared on-chip networks introduce timing channels Prevent effective sharing of large-scale NoC in high assurance systems  One-way timing channel protection is sufficient in many situations  RPSL provides efficient one-way timing channel protection Incurs low performance overhead NOCS /21

TitleEfficient Timing Channel Protection for On-Chip Networks Extend to Multiple Domains NOCS

TitleEfficient Timing Channel Protection for On-Chip Networks Denial-of-Service Protection (RPSL)  Simple network NOCS Low-security Domain High-security Domain HS LS Static Limit on LS

TitleEfficient Timing Channel Protection for On-Chip Networks Synthetic Traffic Patterns  6-by-6 mesh network  Two security domains  Transpose traffic NOCS Round-robinTemporal Network PartitioningRPSL HIGH LOW LS offered BW

TitleEfficient Timing Channel Protection for On-Chip Networks Synthetic Traffic Patterns  6-by-6 mesh network  Two security domains  Hotspot Traffic NOCS HIGH LOW Round-robinTemporal Network PartitioningRPSL

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.