Preventing denial-of-service attacks in shared CMP caches

Georgios Keramidas, Pavlos Petoumenos, Stefanos Kaxiras, Alexandros Antonopoulos, Dimitrios Serpanos

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Denial-of-Service (DoS) attacks try to exhaust some shared resources (e.g. process tables, functional units) of a service-centric provider. As Chip Multi-Processors (CMPs) are becoming mainstream architecture for server class processors, the need to manage on-chip resources in a way that can provide QoS guarantees becomes a necessity. Shared resources in CMPs typically include L2 cache memory. In this paper, we explore the problem of managing the on-chip shared caches in a CMP workstation where malicious threads or just cache "hungry" threads try to hog the cache giving rise to DoS opportunities. An important characteristic of our method is that there is no need to distinguish between malicious and "healthy" threads. The proposed methodology is based on a statistical model of a shared cache that can be fed with run-time information and accurately describe the behavior of the shared threads. Using this information, we are able to understand which thread (malicious or not) can be "compressed" into less space with negligible damage and to drive accordingly the underlying replacement policy of the cache. Our results show that the proposed attack-resistant replacement algorithm can be used to enforce high-level policies such as policies that try to maximize the "usefulness" of the cache real estate or assign custom space-allocation policies based on external QoS needs.
Original languageEnglish
Title of host publicationEmbedded computer systems: architectures, modeling, and simulation
Subtitle of host publication6th international workshop, SAMOS 2006, Samos, Greece, July 17-20, 2006 proceedings
EditorsStamatis Vassiliadis, Stephan Wong, Timo D. Hämäläinen
Place of PublicationBerlin, Heidelberg, New York
PublisherSpringer Nature
Pages359-372
Number of pages14
ISBN (Print)9783540364108
DOIs
Publication statusPublished - 2006
Event6th International Workshop on Architectures, Modeling, and Simulation - Samos, Greece
Duration: 17 Jul 200620 Jul 2006

Publication series

NameLecture notes in computer science
PublisherSpringer
Volume4017
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference6th International Workshop on Architectures, Modeling, and Simulation
Abbreviated titleSAMOS 2006
Country/TerritoryGreece
CitySamos
Period17/07/0620/07/06

Keywords

  • Active Ratio
  • Cache Size
  • Cache Replacement
  • Shared Cache
  • Reuse Distance

Fingerprint

Dive into the research topics of 'Preventing denial-of-service attacks in shared CMP caches'. Together they form a unique fingerprint.

Cite this