*********************************
There is now a CONTENT FREEZE for Mercury while we switch to a new platform. It began on Friday, March 10 at 6pm and will end on Wednesday, March 15 at noon. No new content can be created during this time, but all material in the system as of the beginning of the freeze will be migrated to the new platform, including users and groups. Functionally the new site is identical to the old one. webteam@gatech.edu
*********************************
Title: Covert/Side Channel Analysis, Modeling and Capacity Estimation
Committee:
Dr. Alenka Zajic, ECE, Chair , Advisor
Dr. Milos Prvulovic, CoC, Co-Advisor
Dr. Matthieu Bloch, ECE
Dr. Angelos Keromytis, ECE
Dr. Gregory Durgin, ECE
Dr. Alessandro Orso, CS
Abstract:
Side/Covert channels are asynchronous channels which are not designed nor intended to transfer information. These channels are generated as a byproduct of performing legitimate program activities on the hardware of computer systems. Although there are many approaches to analyze and estimate their information leakage capacity, they do not consider 1) asynchronous nature of side/covert channels, 2) variability in execution time of each instruction, and 3) interrupts due to other software activities. Ignoring any of these features can result in underestimating the severity of information leakage, and inaccurate models that can mislead the analysis of these channels. To successfully evaluate the severity of side/covert channels, our research has 1) modeled the side channels considering the dependency among instructions as a consequence of processor pipeline and program functionality, 2) modeled and analyzed an electromagnetic (EM) covert channel, generated due to computer activities, and proposed bounds for the capacity of these channels, 3) introduced a generalized model for covert channels with different sources (i.e. power, cache, EM, etc.) and an assessment methodology to analyze systems against attacks based on these channels, and 4) modeled side channel signals emanated while executing instruction sequences on a processor, which leverages design-stage investigation of new products. The work provides a deep understanding of side/covert channels generated by program activities which can be utilized to secure devices by optimizing their designs to minimize information leakage.
