Mitigating Microarchitectural Vulnerabilities to Improve Cloud Security and Reliability
dc.contributor.author | Loughlin, Kevin | |
dc.date.accessioned | 2023-09-22T15:19:49Z | |
dc.date.available | 2023-09-22T15:19:49Z | |
dc.date.issued | 2023 | |
dc.date.submitted | 2023 | |
dc.identifier.uri | https://hdl.handle.net/2027.42/177731 | |
dc.description.abstract | Cloud providers must isolate each execution context—e.g., a virtual machine (VM)—atop shared hardware. Unfortunately, commodity hardware only strongly enforces context isolation at the architectural level, failing to enforce isolation in the microarchitectural implementation of hardware. The lack of microarchitectural isolation yields a wide range of threats to system security and reliability, including denial-of-service, data loss, data leakage, and even system subversion. Accordingly, this dissertation presents mitigations for two of the most prominent classes of modern microarchitectural vulnerabilities: transient execution attacks on CPUs—which allow arbitrary data to be leaked from processors via mis-speculation and timing side channels—and Rowhammer—which corrupts and potentially leaks data in DRAM via memory access patterns that produce silicon-level disturbance effects. In particular, DOLMA provides the first hardware mitigation against all demonstrated transient execution attacks at the time of publication. Stop! Hammer Time presents hardware primitives upon which scalable and flexible software defenses can be built across the taxonomy of Rowhammer mitigations. MOESI-prime introduces coherence-induced hammering, the first form of hammering shown to occur in non-malicious code, and provides a corresponding coherence protocol-based mitigation. Finally, Siloz isolates different VMs to private DRAM subarray groups (across which Rowhammer attacks are ineffective), thereby preventing inter-VM Rowhammer bit flips. | |
dc.language.iso | en_US | |
dc.subject | hardware security | |
dc.subject | systems security | |
dc.subject | operating systems | |
dc.subject | computer microarchitecture | |
dc.subject | hardware-software co-design | |
dc.subject | computer architecture | |
dc.title | Mitigating Microarchitectural Vulnerabilities to Improve Cloud Security and Reliability | |
dc.type | Thesis | |
dc.description.thesisdegreename | PhD | en_US |
dc.description.thesisdegreediscipline | Computer Science & Engineering | |
dc.description.thesisdegreegrantor | University of Michigan, Horace H. Rackham School of Graduate Studies | |
dc.contributor.committeemember | Kasikci, Baris | |
dc.contributor.committeemember | Zhang, Zhengya | |
dc.contributor.committeemember | Austin, Todd M | |
dc.contributor.committeemember | Mutlu, Onur | |
dc.contributor.committeemember | Quereshi, Moinuddin | |
dc.subject.hlbsecondlevel | Computer Science | |
dc.subject.hlbtoplevel | Engineering | |
dc.description.bitstreamurl | http://deepblue.lib.umich.edu/bitstream/2027.42/177731/1/kevlough_1.pdf | |
dc.identifier.doi | https://dx.doi.org/10.7302/8188 | |
dc.identifier.orcid | 0000-0003-4647-3201 | |
dc.identifier.name-orcid | Loughlin, Kevin; 0000-0003-4647-3201 | en_US |
dc.working.doi | 10.7302/8188 | en |
dc.owningcollname | Dissertations and Theses (Ph.D. and Master's) |