Lars Bauer

Jeferson Gonzalez-Gomez, Jose Alejandro Ibarra-Campos, Jesus Yamir Sandoval-Morales et al.

Covert channel attacks have been continuously studied as severe threats to modern computing systems. Software-based covert channels are a typically hard-to-detect branch of these attacks, since they leverage virtual resources to establish illegitimate communication between malicious actors. In this work, we present MeMoir: a novel software-driven covert channel that, for the first time, utilizes memory usage as the medium for the channel. We implemented the new covert channel on two real-world platforms with different architectures: a general-purpose Intel x86-64-based desktop computer and an ARM64-based embedded system. Our results show that our new architecture- and hardware-agnostic covert channel is effective and achieves moderate transmission rates with very low error. Moreover, we present a real use-case for our attack where we were able to communicate information from a Hyper-V virtualized enviroment to a Windows 11 host system. In addition, we implement a machine learning-based detector that can predict whether an attack is present in the system with an accuracy of more than 95% with low false positive and false negative rates by monitoring the use of system memory. Finally, we introduce a noise-based countermeasure that effectively mitigates the attack while inducing a low power overhead in the system compared to other normal applications.

Hassan Nassar, Rafik Youssef, Lars Bauer et al.

As the need for more computing power grows, traditional methods are hitting limits. To boost performance, we're expanding Central Processing Unit (CPU) capabilities and using specialized hardware accelerators. For example, mobile devices usually have cameras, video encoding, and audio accelerators. To perform the different tasks, these accelerators execute microcode programs. These accelerators, however, take up space and often sit idle. Reconfigurable processors offer a solution. They have a normal core connected to several accelerator slots. These accelerator slots can be filled during runtime to accommodate the application running. Once one application finishes and another application is running, the accelerators can be switched. For example, playing music after using the camera. In this work, we introduce dynamic control-flow execution for the microcode of runtime reconfigurable processors, i.e., support for loops, conditional jumps, and exception handling. We benchmark using four different applications from four domains (object detection, ocean movement simulation, artificial intelligence and security) that all are compute-intensive and would require the dynamic control-flow when executed on reconfigurable processors. We show that the dynamic control-flow allows different applications to be executed with significant speedup in comparison with execution on general-purpose processors.