Technologies for cache side channel attack detection and mitigation

Assignee

• Intel Corporation · US

Inventors

• John J. Browne · Limerick, IE
• Marcel CORNU · Strokestown, IE
• Timothy Verrall · Pleasant Hill, US
• Tomasz Kantecki · Ennis, IE
• Niall Power · Limerick, IE
• Weigang Li · Ottawa, CA
• Eoin Walsh · Limerick, IE
• Maryam Tahhan · Limerick, IE

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F2221/033
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

Technologies for cache side channel attack detection and mitigation include an analytics server and one or more monitored computing devices. The analytics server polls each computing device for analytics counter data. The computing device generates the analytics counter data using a resource manager of a processor of the computing device. The analytics counter data may include last-level cache data or memory bandwidth data. The analytics server identifies suspicious core activity based on the analytics counter data and, if identified, deploys a detection process to the computing device. The computing device executes the detection process to identify suspicious application activity. If identified, the computing device may perform one or more corrective actions. Corrective actions include limiting resource usage by a suspicious process using the resource manager of the processor. The resource manager may limit cache occupancy or memory bandwidth used by the suspicious process. Other embodiments are described and claimed.