Side channel attack defense method and device based on dynamic memory remapping and cache cleaning

A side-channel attack and dynamic memory technology, applied in the field of network security, can solve problems such as cloud resource sharing, achieve the effect of preventing cache attacks, avoiding resource waste, and ensuring security

Active Publication Date: 2017-09-15
THE PLA INFORMATION ENG UNIV
View PDF4 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] Aiming at the deficiencies in the prior art, the present invention provides a side-channel attack defense method and device based on dynamic memory remapping and cache clearing, which effectively solves the problems of cloud resource sharing due to defense operations in the prior art, and has a better defensive effect

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Side channel attack defense method and device based on dynamic memory remapping and cache cleaning
  • Side channel attack defense method and device based on dynamic memory remapping and cache cleaning
  • Side channel attack defense method and device based on dynamic memory remapping and cache cleaning

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0039] The present invention will be further clearly and completely described below in conjunction with the accompanying drawings and technical solutions. Apparently, the described embodiments are only some of the embodiments of the present invention, not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0040] An embodiment of the present invention provides a side channel attack defense method based on dynamic memory remapping and cache clearing, which is implemented based on a virtual machine monitor and a hardware multi-level cache architecture, see figure 1 As shown, the method contains the following:

[0041] Collect the virtual machine information running on the virtual machine monitor, the virtual machine information includes at least the physical pages occupied by each virtual machine, and the protect...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a side channel attack defense method and device based on dynamic memory remapping and cache cleaning. The method comprises the steps of collecting information of virtual machines operating on a virtual machine monitor, wherein the information at least comprises physical pages occupied by each virtual machine and protection memory submitted by the virtual machines; monitoring side channel attacks currently generated based on caches in real time, thereby obtaining attack target information, wherein the attack target information at least comprises attacked target virtual machines, attack frequencies and attacked cache layers; and selecting defense operation, wherein according to the defense operation, cache cleaning operation or memory dynamic remapping operation is selected according to the attacked cache layers in the attack target information. According to the method and the device, the operation efficiency of the virtual machine monitor is taken into consideration; targeted defense is carried out; resource waste is avoided; the security of a cloud computing industry is ensured; the side channel attacks based on the caches can be sensed in real time; and the efficient defense is realized on the basis of not influencing resource sharing to the greatest extent.

Description

technical field [0001] The invention belongs to the technical field of network security, and in particular relates to a side channel attack defense method and device thereof based on dynamic memory remapping and cache clearing. Background technique [0002] With the continuous development of the cloud computing industry, security issues in the cloud environment have received extensive attention. In order to improve resource utilization, cloud virtualization technology requires different tenants to share the underlying physical resources, so that one tenant can detect the behavior characteristics of another tenant accessing shared resources, speculate on the sensitive information of the target tenant, and implement side channel attacks. Among them, cache-based side-channel attacks are the most harmful due to their various implementation methods and reliable attack results. In recent years, experts in related fields have researched and implemented a variety of cache attacks, ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/53G06F9/455
Inventor 郭云飞杨超刘文彦陈福才季新生程国振霍树民张淼丁瑞浩
Owner THE PLA INFORMATION ENG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap