Colored Petri Net Based Cache Side Channel Vulnerability Evaluation

Abstract

Read online

The cache side channel leakage is a very serious security issue in the information security field. In order to solve this problem, a large number of security mechanisms have been applied to protect the cache. However, there are very limited methods we can choose to evaluate the cache side channel vulnerability, therefore, it is hard to know whether our system configuration or applied security mechanisms make caches more resistant to the cache side channel attacks. In this paper, we proposed a colored Petri net based method to model and score the cache side channel vulnerability. When given a side channel attack and related security mechanisms, our method utilized colored Petri net to model the requirements and the attack steps of cache attacks. Then we calculated the probability of success for each attack step according to the requirements and the computer environment, and the Common Vulnerability Scoring System (CVSS) was used to help us score the attack steps. Based on these probabilities and CVSS scores, we finally obtained a total risk score, which represented the threat level of the cache attacks in a specified computer environment with certain security mechanisms. This paper focused on the typical cache attacks and security mechanisms, and our experiments showed that we can conveniently evaluate and compare the threat level of cache attacks in the computer environment with different security mechanisms.

Keywords

• Cache side channel attack
• security evaluation
• CVSS
• colored Petri net
• qualification