Skip to main content

CaSym: Cache aware symbolic execution for side channel detection and mitigation

Publication ,  Conference
Brotzman, R; Liu, S; Zhang, D; Tan, G; Kandemir, M
Published in: Proceedings - IEEE Symposium on Security and Privacy
May 1, 2019

Cache-based side channels are becoming an important attack vector through which secret information can be leaked to malicious parties. implementations and Previous work on cache-based side channel detection, however, suffers from the code coverage problem or does not provide diagnostic information that is crucial for applying mitigation techniques to vulnerable software. We propose CaSym, a cache-aware symbolic execution to identify and report precise information about where side channels occur in an input program. Compared with existing work, CaSym provides several unique features: (1) CaSym enables verification against various attack models and cache models, (2) unlike many symbolic-execution systems for bug finding, CaSym verifies all program execution paths in a sound way, (3) CaSym uses two novel abstract cache models that provide good balance between analysis scalability and precision, and (4) CaSym provides sufficient information on where and how to mitigate the identified side channels through techniques including preloading and pinning. Evaluation on a set of crypto and database benchmarks shows that CaSym is effective at identifying and mitigating side channels, with reasonable efficiency.

Duke Scholars

Altmetric Attention Stats
Dimensions Citation Stats

Published In

Proceedings - IEEE Symposium on Security and Privacy

DOI

ISSN

1081-6011

Publication Date

May 1, 2019

Volume

2019-May

Start / End Page

505 / 521
 

Citation

APA
Chicago
ICMJE
MLA
NLM
Brotzman, R., Liu, S., Zhang, D., Tan, G., & Kandemir, M. (2019). CaSym: Cache aware symbolic execution for side channel detection and mitigation. In Proceedings - IEEE Symposium on Security and Privacy (Vol. 2019-May, pp. 505–521). https://doi.org/10.1109/SP.2019.00022
Brotzman, R., S. Liu, D. Zhang, G. Tan, and M. Kandemir. “CaSym: Cache aware symbolic execution for side channel detection and mitigation.” In Proceedings - IEEE Symposium on Security and Privacy, 2019-May:505–21, 2019. https://doi.org/10.1109/SP.2019.00022.
Brotzman R, Liu S, Zhang D, Tan G, Kandemir M. CaSym: Cache aware symbolic execution for side channel detection and mitigation. In: Proceedings - IEEE Symposium on Security and Privacy. 2019. p. 505–21.
Brotzman, R., et al. “CaSym: Cache aware symbolic execution for side channel detection and mitigation.” Proceedings - IEEE Symposium on Security and Privacy, vol. 2019-May, 2019, pp. 505–21. Scopus, doi:10.1109/SP.2019.00022.
Brotzman R, Liu S, Zhang D, Tan G, Kandemir M. CaSym: Cache aware symbolic execution for side channel detection and mitigation. Proceedings - IEEE Symposium on Security and Privacy. 2019. p. 505–521.

Published In

Proceedings - IEEE Symposium on Security and Privacy

DOI

ISSN

1081-6011

Publication Date

May 1, 2019

Volume

2019-May

Start / End Page

505 / 521