TWC: Small: Cache-based Side Channel Attacks on Smartphone Graphics Buffers: New Vulnerabilities and Defenses

TWC：小型：针对智能手机图形缓冲区的基于缓存的侧通道攻击：新漏洞和防御

• 批准号: 1619450
• 负责人: Zhiyun Qian
• 金额: $ 51.6万
• 依托单位: University of California-Riverside
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2016
• 资助国家: 美国
• 起止时间: 2016-10-01 至 2021-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1619450&HistoricalAwards=false
• 关键词: TWC; Small; Cache; based; Side

Touch screens on smart mobile devices such as cell phones or tablets allow both user input (touch events) and display output. For a touch screen to function, the mobile device stores input and display data in a graphics buffer internal to the device. The researchers have discovered that a malicious application running on the mobile device could silently monitor characteristics of the graphics buffer to identify the alphanumeric characters that the user types into the touch keyboard or information displayed on the screen. The malicious application could then send that information to a third party, violating the confidentiality of the user's input or output. This project is assessing the feasibility of attacks on the graphics buffer and studying characteristics of graphics buffer vulnerabilities. The researchers are developing software- and hardware-based defenses to mitigate such vulnerabilities.The researchers are studying attacks that use a CPU cache-based side channel, a technique for deriving the access pattern of a process from another process, to identify which locations on the screen are being modified, allowing the attacker to gain information about user I/O activity such as data being typed on a keyboard. Prior work on cache-based side channel attacks and defenses has focused on cryptographic algorithms where the critical data has a small memory footprint, and is read-only. In contrast, graphics buffers are extremely large (on the order of MBytes), and are both read and written to, requiring new approaches for attacks and defenses. The project is studying how such attacks might be generalized, as well as the extent of feasible resolution and precision. Finally, the researchers are designing countermeasures, considering security, performance overhead, complexity, and impact on the core process pipeline and caches.

手机或平板电脑等智能移动设备上的触摸屏允许用户输入（触摸事件）和显示输出，为了使触摸屏发挥作用，移动设备将输入和显示数据存储在设备内部的图形缓冲区中。我们发现，在移动设备上运行的恶意应用程序可以默默地监视图形缓冲区的特征，以识别用户在触摸键盘中输入的字母数字字符或屏幕上显示的信息，然后恶意应用程序可以将该信息发送给第三方。一方违反用户输入的机密性或该项目正在评估对图形缓冲区进行攻击的可行性，并研究图形缓冲区漏洞的特征。研究人员正在开发基于软件和硬件的防御措施来缓解此类漏洞。研究人员正在研究使用基于 CPU 缓存的攻击。侧通道是一种从另一个进程派生进程的访问模式的技术，用于识别屏幕上的哪些位置正在被修改，从而允许攻击者获取有关用户 I/O 活动的信息，例如在键盘上键入的数据。在基于缓存的一侧工作通道攻击和防御主要集中在加密算法上，其中关键数据的内存占用很小，并且是只读的，相反，图形缓冲区非常大（大约为兆字节），并且可以读取和写入，需要。该项目正在研究如何推广此类攻击，以及可行的解决方案和精确度，最后，研究人员正在设计对策，考虑安全性、性能开销、复杂性和对核心的影响。处理管道和缓存。