DevIOus: Device-Driven Side-Channel Attacks on the IOMMU

Taehun Kim; Hyeongjin Park; Seokmin Lee; Seunghee Shin; Junbeom Hur; Youngjoo Shin

doi:10.1109/SP46215.2023.10179283

DevIOus: Device-Driven Side-Channel Attacks on the IOMMU

Taehun Kim^*
, Hyeongjin Park^*
, Seokmin Lee^*
, Seunghee Shin
, Junbeom Hur^*
, Youngjoo Shin^*

^*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

8 Citations (Scopus)

Abstract

Modern computer systems take advantage of Input/Output Memory Management Unit (IOMMU) to protect memory from DMA attacks, or to achieve strong isolation in virtualization. Despite its promising benefits, the IOMMU could be a new source of security threats. Like the MMU, the IOMMU also has Translation Lookaside Buffer (TLB) named IOTLB, an address translation cache that keeps the recent translations. Accordingly, the IOTLB can be a target of a timing side-channel attack, revealing victim's secret. In this paper, we present DevIOus, a novel device-driven side-channel attack exploiting the IOTLB. DevIOus employs DMA-capable PCIe devices, such as GPU and RDMA-enabled NIC (RNIC), to deliver the attack. Thus, our attack has no influence on CPU caches or TLB in a victim's machine. Implementing DevIOus is not trivial as microarchitectural internals of the IOTLB of Intel processors are hidden. We overcome this by reverse-engineering the IOTLB and disclose its hidden architectural properties. Based on this, we construct two IOTLB-based timing attack primitives using a GPU and an RNIC. Then, we demonstrate practical attacks that target co-located VMs under hardware-assisted isolation, and remote machines connected over the RDMA network. We also discuss possible mitigations against the proposed side-channel attack.

Original language	English
Title of host publication	Proceedings - 44th IEEE Symposium on Security and Privacy, SP 2023
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	2288-2305
Number of pages	18
ISBN (Electronic)	9781665493369
DOIs	https://doi.org/10.1109/SP46215.2023.10179283
Publication status	Published - 2023
Event	44th IEEE Symposium on Security and Privacy, SP 2023 - Hybrid, San Francisco, United States Duration: 2023 May 22 → 2023 May 25

Publication series

Name	Proceedings - IEEE Symposium on Security and Privacy
Volume	2023-May
ISSN (Print)	1081-6011

Conference

Conference	44th IEEE Symposium on Security and Privacy, SP 2023
Country/Territory	United States
City	Hybrid, San Francisco
Period	23/5/22 → 23/5/25

Bibliographical note

Publisher Copyright:
© 2023 IEEE.

ASJC Scopus subject areas

Safety, Risk, Reliability and Quality
Software
Computer Networks and Communications

Access to Document

10.1109/SP46215.2023.10179283

Cite this

Kim, T., Park, H., Lee, S., Shin, S., Hur, J., & Shin, Y. (2023). DevIOus: Device-Driven Side-Channel Attacks on the IOMMU. In Proceedings - 44th IEEE Symposium on Security and Privacy, SP 2023 (pp. 2288-2305). (Proceedings - IEEE Symposium on Security and Privacy; Vol. 2023-May). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/SP46215.2023.10179283

DevIOus: Device-Driven Side-Channel Attacks on the IOMMU. / Kim, Taehun; Park, Hyeongjin; Lee, Seokmin et al.
Proceedings - 44th IEEE Symposium on Security and Privacy, SP 2023. Institute of Electrical and Electronics Engineers Inc., 2023. p. 2288-2305 (Proceedings - IEEE Symposium on Security and Privacy; Vol. 2023-May).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Kim, T, Park, H, Lee, S, Shin, S, Hur, J & Shin, Y 2023, DevIOus: Device-Driven Side-Channel Attacks on the IOMMU. in Proceedings - 44th IEEE Symposium on Security and Privacy, SP 2023. Proceedings - IEEE Symposium on Security and Privacy, vol. 2023-May, Institute of Electrical and Electronics Engineers Inc., pp. 2288-2305, 44th IEEE Symposium on Security and Privacy, SP 2023, Hybrid, San Francisco, United States, 23/5/22. https://doi.org/10.1109/SP46215.2023.10179283

@inproceedings{f741b5c6c62e4ffaa49384ad5ecec8ed,

title = "DevIOus: Device-Driven Side-Channel Attacks on the IOMMU",

abstract = "Modern computer systems take advantage of Input/Output Memory Management Unit (IOMMU) to protect memory from DMA attacks, or to achieve strong isolation in virtualization. Despite its promising benefits, the IOMMU could be a new source of security threats. Like the MMU, the IOMMU also has Translation Lookaside Buffer (TLB) named IOTLB, an address translation cache that keeps the recent translations. Accordingly, the IOTLB can be a target of a timing side-channel attack, revealing victim's secret. In this paper, we present DevIOus, a novel device-driven side-channel attack exploiting the IOTLB. DevIOus employs DMA-capable PCIe devices, such as GPU and RDMA-enabled NIC (RNIC), to deliver the attack. Thus, our attack has no influence on CPU caches or TLB in a victim's machine. Implementing DevIOus is not trivial as microarchitectural internals of the IOTLB of Intel processors are hidden. We overcome this by reverse-engineering the IOTLB and disclose its hidden architectural properties. Based on this, we construct two IOTLB-based timing attack primitives using a GPU and an RNIC. Then, we demonstrate practical attacks that target co-located VMs under hardware-assisted isolation, and remote machines connected over the RDMA network. We also discuss possible mitigations against the proposed side-channel attack.",

author = "Taehun Kim and Hyeongjin Park and Seokmin Lee and Seunghee Shin and Junbeom Hur and Youngjoo Shin",

note = "Publisher Copyright: {\textcopyright} 2023 IEEE.; 44th IEEE Symposium on Security and Privacy, SP 2023 ; Conference date: 22-05-2023 Through 25-05-2023",

year = "2023",

doi = "10.1109/SP46215.2023.10179283",

language = "English",

series = "Proceedings - IEEE Symposium on Security and Privacy",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "2288--2305",

booktitle = "Proceedings - 44th IEEE Symposium on Security and Privacy, SP 2023",

}

TY - GEN

T1 - DevIOus

T2 - 44th IEEE Symposium on Security and Privacy, SP 2023

AU - Kim, Taehun

AU - Park, Hyeongjin

AU - Lee, Seokmin

AU - Shin, Seunghee

AU - Hur, Junbeom

AU - Shin, Youngjoo

PY - 2023

Y1 - 2023

N2 - Modern computer systems take advantage of Input/Output Memory Management Unit (IOMMU) to protect memory from DMA attacks, or to achieve strong isolation in virtualization. Despite its promising benefits, the IOMMU could be a new source of security threats. Like the MMU, the IOMMU also has Translation Lookaside Buffer (TLB) named IOTLB, an address translation cache that keeps the recent translations. Accordingly, the IOTLB can be a target of a timing side-channel attack, revealing victim's secret. In this paper, we present DevIOus, a novel device-driven side-channel attack exploiting the IOTLB. DevIOus employs DMA-capable PCIe devices, such as GPU and RDMA-enabled NIC (RNIC), to deliver the attack. Thus, our attack has no influence on CPU caches or TLB in a victim's machine. Implementing DevIOus is not trivial as microarchitectural internals of the IOTLB of Intel processors are hidden. We overcome this by reverse-engineering the IOTLB and disclose its hidden architectural properties. Based on this, we construct two IOTLB-based timing attack primitives using a GPU and an RNIC. Then, we demonstrate practical attacks that target co-located VMs under hardware-assisted isolation, and remote machines connected over the RDMA network. We also discuss possible mitigations against the proposed side-channel attack.

AB - Modern computer systems take advantage of Input/Output Memory Management Unit (IOMMU) to protect memory from DMA attacks, or to achieve strong isolation in virtualization. Despite its promising benefits, the IOMMU could be a new source of security threats. Like the MMU, the IOMMU also has Translation Lookaside Buffer (TLB) named IOTLB, an address translation cache that keeps the recent translations. Accordingly, the IOTLB can be a target of a timing side-channel attack, revealing victim's secret. In this paper, we present DevIOus, a novel device-driven side-channel attack exploiting the IOTLB. DevIOus employs DMA-capable PCIe devices, such as GPU and RDMA-enabled NIC (RNIC), to deliver the attack. Thus, our attack has no influence on CPU caches or TLB in a victim's machine. Implementing DevIOus is not trivial as microarchitectural internals of the IOTLB of Intel processors are hidden. We overcome this by reverse-engineering the IOTLB and disclose its hidden architectural properties. Based on this, we construct two IOTLB-based timing attack primitives using a GPU and an RNIC. Then, we demonstrate practical attacks that target co-located VMs under hardware-assisted isolation, and remote machines connected over the RDMA network. We also discuss possible mitigations against the proposed side-channel attack.

UR - https://www.scopus.com/pages/publications/85166483146

U2 - 10.1109/SP46215.2023.10179283

DO - 10.1109/SP46215.2023.10179283

M3 - Conference contribution

AN - SCOPUS:85166483146

T3 - Proceedings - IEEE Symposium on Security and Privacy

SP - 2288

EP - 2305

BT - Proceedings - 44th IEEE Symposium on Security and Privacy, SP 2023

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 22 May 2023 through 25 May 2023

ER -

DevIOus: Device-Driven Side-Channel Attacks on the IOMMU

Abstract

Publication series

Conference

Bibliographical note

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this