Close

Presentation

ThermalScope: A Practical Interrupt Side Channel Attack Based on Thermal Event Interrupts
SessionWhat's Your Best Side?
DescriptionWhile interrupts play a critical role in modern OSes, they have been exploited as a wide range of side channel attacks to break system confidentiality, such as keystroke interrupts, graphic interrupts and network interrupts. In this paper, we propose ThermalScope, a new side channel that exploits thermal event interrupts, which is adaptable for both native and browser scenarios and incorporates two heat amplifying techniques. The exploited thermal event interrupts are activated only when the CPU package temperature reaches a fixed threshold that is determined by manufacturers. Our key observation is that workloads running on CPUs inevitably generates their distinct heat, which can be correlated with the thermal event interrupts. To demonstrate the viability of ThermalScope, we conduct a comprehensive evaluation on multiple Ubuntu OSes with different Intel-based CPUs. First, we show that the activation of thermal event interrupts correlates with the level of CPU temperature. We then apply ThermalScope to mount different side channel attacks, i.e., building covert channels with a transmission rate of 0.1 b/s, fingerprinting DNN model architectures with an accuracy of over 90% and breaking KASLR within 8.2 hours.
Authors
Xin Zhang
Peking University
Zhi Zhang
University of Western Australia
Qingni Shen
Peking University
Wenhao Wang
Institute of Information Engineering, Chinese Academy of Sciences
Yansong Gao
Data61, CSIRO
Zhuoxi Yang
Peking University
Zhonghai Wu
Peking University
Event Type
Research Manuscript
TimeWednesday, June 262:00pm - 2:15pm PDT
Location3012, 3rd Floor
Topics
Security
Keywords
Hardware Security: Attack and Defense
Next PresentationNext Presentation
Architectural Whispers: Robust Machine Learning Models Fingerprinting via Frequency Throttling Side-Channels