As computer systems grow more and more complicated, various performance optimizations can unintentionally introduce security vulnerabilities in these systems. The vulnerabilities can lead to user information and data being compromised or stolen. Many of the computer processor optimizations often focus on sharing or re-using the processor hardware between different users or programs. This can lead to different types of timing-based security attacks where the sharing or re-using of hardware components influences the timing of the operations performed on the processor. Different timing can be exploited by malicious users to gain information about operations or data of the co-located victim program or user. To address the security threats, this talk will present research on developing a theoretical model for cache and TLB timing attacks to help evaluate the susceptibility of different architectures and microarchitectures to timing attacks on caches and TLBs. Further, it will present a benchmark suite built upon the model to test if processor caches, or secure cache designs, are vulnerable to the theoretical vulnerabilities found using the theoretical model. The talk will also present defenses for the TLBs which were developed to address the newly found vulnerabilities. Going beyond caches and TLBs, the presentation will also discuss research on, and evaluation of, timing and power-based attacks in the processor frontend.
Shuwen Deng is a final-year Ph.D. candidate at Yale University, advised by Prof. Jakub Szefer. Her research interests span computer architecture and security. Specifically, she focuses her research on developing secure processor microarchitectures by proposing side-channel vulnerability checking schemes and combining the theoretical modeling with practical benchmarking analysis. She also researches new microarchitectural vulnerabilities, including those of value predictors and processor frontend. She is the recipient of the 2020 Google PhD Fellowship in Privacy and Security, and an Elihu Elias Dickerman Fellowship. She has been named a Rising Star in EECS by the University of California Berkeley. Her work has been selected as Top Picks 2021 in Hardware and Embedded Security.