TWC: Small: Cache-based Side Channel Attacks on Smartphone Graphics Buffers: New Vulnerabilities and Defenses

TWC：小型：针对智能手机图形缓冲区的基于缓存的侧通道攻击：新漏洞和防御

• 批准号: 1619450
• 负责人: Zhiyun Qian
• 金额: $ 51.6万
• 依托单位: University of California-Riverside
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2016
• 资助国家: 美国
• 起止时间: 2016-10-01 至 2021-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1619450&HistoricalAwards=false
• 关键词: TWC; Small; Cache; based; Side

Touch screens on smart mobile devices such as cell phones or tablets allow both user input (touch events) and display output. For a touch screen to function, the mobile device stores input and display data in a graphics buffer internal to the device. The researchers have discovered that a malicious application running on the mobile device could silently monitor characteristics of the graphics buffer to identify the alphanumeric characters that the user types into the touch keyboard or information displayed on the screen. The malicious application could then send that information to a third party, violating the confidentiality of the user's input or output. This project is assessing the feasibility of attacks on the graphics buffer and studying characteristics of graphics buffer vulnerabilities. The researchers are developing software- and hardware-based defenses to mitigate such vulnerabilities.The researchers are studying attacks that use a CPU cache-based side channel, a technique for deriving the access pattern of a process from another process, to identify which locations on the screen are being modified, allowing the attacker to gain information about user I/O activity such as data being typed on a keyboard. Prior work on cache-based side channel attacks and defenses has focused on cryptographic algorithms where the critical data has a small memory footprint, and is read-only. In contrast, graphics buffers are extremely large (on the order of MBytes), and are both read and written to, requiring new approaches for attacks and defenses. The project is studying how such attacks might be generalized, as well as the extent of feasible resolution and precision. Finally, the researchers are designing countermeasures, considering security, performance overhead, complexity, and impact on the core process pipeline and caches.

智能移动的设备（例如手机或平板电脑）上的触摸屏允许用户输入（触摸事件）和显示输出两者。为了使触摸屏起作用，移动终端将输入和显示数据存储在设备内部的图形缓冲器中。研究人员发现，在移动终端上运行的恶意应用程序可以静默地监视图形缓冲区的特性，以识别用户在触摸键盘上键入的字母数字字符或屏幕上显示的信息。 然后，恶意应用程序可以将该信息发送给第三方，从而违反用户输入或输出的机密性。本项目主要是评估对图形缓冲区攻击的可行性，研究图形缓冲区漏洞的特征。 研究人员正在开发基于软件和硬件的防御措施，以减轻此类漏洞。研究人员正在研究使用基于CPU缓存的侧通道的攻击，这是一种从另一个进程中获取进程访问模式的技术，以识别屏幕上的哪些位置正在被修改，允许攻击者获取有关用户I/O活动的信息，例如在键盘上键入的数据。基于边信道的攻击和防御集中于密码算法，其中关键数据具有小的存储器占用并且是只读的。相比之下，图形缓冲区非常大（MB量级），并且既要读取又要写入，因此需要新的攻击和防御方法。该项目正在研究如何推广这种攻击，以及可行的解决方案和精确度。 最后，研究人员正在设计对策，考虑安全性，性能开销，复杂性以及对核心进程管道和缓存的影响。