On Detection Of And Countermeasure Against Thermal Covert Channel Attacks In Many-core Systems

Chip-level security is the cornerstone of information security.In chip-level security attacks,thermal covert channel(TCC)attacks targeting on-chip many-core systems use temperature variations to transmit data,which transfer data from a secured zone to a non-secured zone.With high stealthiness,TCC attacks pose a severe threat to chip-level security.To protect the security of many-core systems,this paper proposes some schemes to detect and counter TCC attacks.Firstly,this paper works on the detection and defense of existing TCC attacks.Since the signal amplitude of TCC at the transmission frequency is much higher than the amplitudes of the thermal noise,this paper proposes a threshold-based detection to check whether there is a TCC attack or not.When a TCC attack is detected and the CPU core running the TCC program is located,a dynamic voltage frequency scaling(DVFS)method is exploited to the core,thereby blocking the TCC's transmission.Secondly,this paper explores a TCC attack with improved stealthiness that can avoid being detected by the threshold-based detection,which makes the DVFS countermeasure fail to work.Based on the features that TCC signals have multiple highamplitude sidelobes,this paper proposes an enhanced detection scheme based on pattern classification,which uses an artificial neural network to detect whether there is a TCC attack or not.Experiments show that the threshold-based detection can detect existing TCC attacks with a detection accuracy of higher than 95%,while the pattern-classificationbased detection can detect both existing TCCs and those with improved stealthiness with a detection accuracy of 99%.Before and after the DVFS countermeasure is applied,the packet error rate(PER)of the TCC communication changes from less than 5% to more than 75%.Therefore,the DVFS countermeasure can thwart TCC transmission in practical terms.In terms of overhead,the CPU runtime overhead and energy overhead incurred by the proposed pattern-classification-based detection method only occupy0.325% of the system runtime,and 0.039% of the total system energy consumption,respectively.In a many-core system larger than 8×8,the system performance loss caused by DVFS countermeasure is less than 2%.The schemes proposed in this paper can detect and defend against the thermal covert channel attack in many-core systems,which effectively prevents on chip information being leaked.