We present a kernel-level infrastructure that allows system-wide detection of malicious applications attempting to exploit cache-based side-channel attacks to break the process confinement enforced by standard operating systems. This infrastructure relies on hardware performance counters to collect information at runtime from all applications running on the machine. High-level detection metrics are derived from these measurements to maximize the likelihood of promptly detecting a malicious application. Our experimental assessment shows that we can catch a large family of side-channel attacks with a significantly reduced overhead. We also discuss countermeasures that can be enacted once a process is suspected of carrying out a side-cha...
International audienceThe microarchitecture of modern systems become more and more complicated. This...
The kernel code injection is a common behavior of kernel-compromising attacks where the attackers ai...
International audienceThe microarchitecture of modern systems become more and more complicated. This...
We present a kernel-level infrastructure that allows system-wide detection of malicious applications...
We present a kernel-level infrastructure that allows system-wide detection of malicious applications...
We present a kernel-level infrastructure that allows system-wide detection of malicious applications...
We present a kernel-level infrastructure which allows to perform system-wide detection of malicious ...
We present a kernel-level infrastructure which allows to perform system-wide detection of malicious ...
Over the past decades, the major objectives of computer design have been to improve performance and ...
Over the past decades, the major objectives of computer design have been to improve performance and ...
We introduce the usage of hardware performance counters (HPCs) as a new method that allows very prec...
We introduce the usage of hardware performance counters (HPCs) as a new method that allows very prec...
We introduce the usage of hardware performance counters (HPCs) as a new method that allows very prec...
International audienceHigh resolution and stealthy attacks and their variants such as Flush+Reload, ...
International audienceHigh resolution and stealthy attacks and their variants such as Flush+Reload, ...
International audienceThe microarchitecture of modern systems become more and more complicated. This...
The kernel code injection is a common behavior of kernel-compromising attacks where the attackers ai...
International audienceThe microarchitecture of modern systems become more and more complicated. This...
We present a kernel-level infrastructure that allows system-wide detection of malicious applications...
We present a kernel-level infrastructure that allows system-wide detection of malicious applications...
We present a kernel-level infrastructure that allows system-wide detection of malicious applications...
We present a kernel-level infrastructure which allows to perform system-wide detection of malicious ...
We present a kernel-level infrastructure which allows to perform system-wide detection of malicious ...
Over the past decades, the major objectives of computer design have been to improve performance and ...
Over the past decades, the major objectives of computer design have been to improve performance and ...
We introduce the usage of hardware performance counters (HPCs) as a new method that allows very prec...
We introduce the usage of hardware performance counters (HPCs) as a new method that allows very prec...
We introduce the usage of hardware performance counters (HPCs) as a new method that allows very prec...
International audienceHigh resolution and stealthy attacks and their variants such as Flush+Reload, ...
International audienceHigh resolution and stealthy attacks and their variants such as Flush+Reload, ...
International audienceThe microarchitecture of modern systems become more and more complicated. This...
The kernel code injection is a common behavior of kernel-compromising attacks where the attackers ai...
International audienceThe microarchitecture of modern systems become more and more complicated. This...
Add to ORKG