Skip to main content

Mitigating storage side channels using statistical privacy mechanisms

Publication ,  Conference
Xiao, Q; Reiter, MK; Zhang, Y
Published in: Proceedings of the ACM Conference on Computer and Communications Security
October 12, 2015

A storage side channel occurs when an adversary accesses data objects influenced by another, victim computation and infers information about the victim that it is not permitted to learn directly. We bring advances in privacy for statistical databases to bear on storage side-channel defense, and specifically demonstrate the feasibility of applying differentially private mechanisms to mitigate storage side channels in procfs, a pseudo file system broadly used in Linux and Android kernels. Using a principled design with quantifiable security, our approach injects noise into kernel data-structure values that are used to generate procfs contents, but also reestablishes invariants on these noised values so as to not violate assumptions on which procfs or its clients depend. We show that our modifications to procfs can be configured to mitigate known storage side channels while preserving its utility for monitoring and diagnosis.

Duke Scholars

Published In

Proceedings of the ACM Conference on Computer and Communications Security

DOI

ISSN

1543-7221

Publication Date

October 12, 2015

Volume

2015-October

Start / End Page

1582 / 1594
 

Citation

APA
Chicago
ICMJE
MLA
NLM
Xiao, Q., Reiter, M. K., & Zhang, Y. (2015). Mitigating storage side channels using statistical privacy mechanisms. In Proceedings of the ACM Conference on Computer and Communications Security (Vol. 2015-October, pp. 1582–1594). https://doi.org/10.1145/2810103.2813645
Xiao, Q., M. K. Reiter, and Y. Zhang. “Mitigating storage side channels using statistical privacy mechanisms.” In Proceedings of the ACM Conference on Computer and Communications Security, 2015-October:1582–94, 2015. https://doi.org/10.1145/2810103.2813645.
Xiao Q, Reiter MK, Zhang Y. Mitigating storage side channels using statistical privacy mechanisms. In: Proceedings of the ACM Conference on Computer and Communications Security. 2015. p. 1582–94.
Xiao, Q., et al. “Mitigating storage side channels using statistical privacy mechanisms.” Proceedings of the ACM Conference on Computer and Communications Security, vol. 2015-October, 2015, pp. 1582–94. Scopus, doi:10.1145/2810103.2813645.
Xiao Q, Reiter MK, Zhang Y. Mitigating storage side channels using statistical privacy mechanisms. Proceedings of the ACM Conference on Computer and Communications Security. 2015. p. 1582–1594.

Published In

Proceedings of the ACM Conference on Computer and Communications Security

DOI

ISSN

1543-7221

Publication Date

October 12, 2015

Volume

2015-October

Start / End Page

1582 / 1594