Macchiato: Importing Cache Side Channels to SDNs

Macchiato: Importing Cache Side Channels to SDNs

Abstract

Since caches are shared and coherent, a memory access of one process may evict from the cache another process’ memory block with an address mapped to the same cache line. This property is exploited by several attacks to form side channels. We show that MAC learning in Software Defined Networks (SDNs) has a similar property in the sense that a MAC address discovered by one network device may be revoked by the discovery of the same address at another switch. This allows us to implement Macchiato, a covert channel for SDNs between any two network devices (including hosts); prior SDN covert channels required at least one malicious switch. We evaluate a prototype implementation of Macchiato and discuss how methods to improve the performance of cache side channels (such as deep neural networks) can also be used in Macchiato.

Grafik Top
Authors
  • Sabzi, Amir
  • Schiff, Liron
  • Thimmaraju, Kashyap
  • Blenk, Andreas
  • Schmid, Stefan
Grafik Top
Supplemental Material
Shortfacts
Category
Paper in Conference Proceedings or in Workshop Proceedings (Paper)
Event Title
16th ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS)
Divisions
Communication Technologies
Subjects
Informatik Allgemeines
Event Location
Virtual Conference
Event Type
Conference
Event Dates
December 13-15
Date
2021
Export
Grafik Top