Scholars@Duke publication: Düppel: Retrofitting commodity operating systems to mitigate cache side channels in the cloud

Düppel: Retrofitting commodity operating systems to mitigate cache side channels in the cloud

Publication , Conference

Zhang, Y; Reiter, MK

Published in: Proceedings of the ACM Conference on Computer and Communications Security

December 9, 2013

This paper presents the design, implementation and evaluation of a system called Düppel that enables a tenant virtual machine to defend itself from cache-based side-channel attacks in public clouds. Düppel includes defenses for time-shared caches such as per-core L1 and L2 caches. Experiments in the lab and on public clouds show that Düppel effectively obfuscates timing signals available to an attacker VM via these caches and incurs modest performance overheads (at most 7% and usually much less) in the common case of no side-channel attacks. Moreover, Düppel requires no changes to hypervisors or support from cloud operators. © 2013 ACM.

Duke Scholars

Author Michael Reiter Computer Science

Altmetric Attention Stats

Dimensions Citation Stats

Published In

Proceedings of the ACM Conference on Computer and Communications Security

DOI

10.1145/2508859.2516741

ISSN

1543-7221

Publication Date

December 9, 2013

Start / End Page

827 / 837

Citation

APA

Chicago

ICMJE

MLA

NLM

Zhang, Y., & Reiter, M. K. (2013). Düppel: Retrofitting commodity operating systems to mitigate cache side channels in the cloud. In Proceedings of the ACM Conference on Computer and Communications Security (pp. 827–837). https://doi.org/10.1145/2508859.2516741

Zhang, Y., and M. K. Reiter. “Düppel: Retrofitting commodity operating systems to mitigate cache side channels in the cloud.” In Proceedings of the ACM Conference on Computer and Communications Security, 827–37, 2013. https://doi.org/10.1145/2508859.2516741.

Zhang Y, Reiter MK. Düppel: Retrofitting commodity operating systems to mitigate cache side channels in the cloud. In: Proceedings of the ACM Conference on Computer and Communications Security. 2013. p. 827–37.

Zhang, Y., and M. K. Reiter. “Düppel: Retrofitting commodity operating systems to mitigate cache side channels in the cloud.” Proceedings of the ACM Conference on Computer and Communications Security, 2013, pp. 827–37. Scopus, doi:10.1145/2508859.2516741.

Zhang Y, Reiter MK. Düppel: Retrofitting commodity operating systems to mitigate cache side channels in the cloud. Proceedings of the ACM Conference on Computer and Communications Security. 2013. p. 827–837.

Published In

Proceedings of the ACM Conference on Computer and Communications Security

DOI

10.1145/2508859.2516741

ISSN

1543-7221

Publication Date

December 9, 2013

Start / End Page

827 / 837