Skip to content
/ NVLeak Public

NVLeak: Off-Chip Side-Channel Attacks via Non-Volatile Memory Systems [USENIX Security '23]

www.thenetadmin.net

License

MIT license
16 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

TheNetAdmin/NVLeak

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

94 Commits
data
data
 
 
docker
docker
 
 
docs
docs
 
 
lens @ 5a84361
lens @ 5a84361
 
 
nvleak @ 787a639
nvleak @ 787a639
 
 
report
report
 
 
scripts
scripts
 
 
.gitignore
.gitignore
 
 
.gitmodules
.gitmodules
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

NVLeak

This repo contains artifacts for our USENIX Security '23 paper NVLeak: Off-Chip Side-Channel Attacks via Non-Volatile Memory Systems.

Overview

This repo contains all code and tools to reproduce results in our paper, as well as data parsing and plotting scripts to generate result graph.

The repo directory structure:

.
├── data       # Raw data copied from the NVRAM machine
├── docker     # MongoDB docker image for data parsing scripts
├── docs       # Docs to build and run NVLeak, and reproduce results
├── lens       # Original version of LENS to reproduce part of results in the paper
├── nvleak     # NVLeak code: reverse engineering, cover/side channel, mitigation, runner scripts
├── report     # LaTeX template and R scripts to plot results and generate a pdf report
└── scripts    # Data fetching and parsing scripts

The high-level process of reproducing NVLeak results involves the following steps:

  1. Run lens and nvleak code on the NVRAM machine
  2. Fetch data from NVRAM machine to local develop machine's data dir
  3. Start the docker image and parse data using scripts
  4. Link data to report, plot results and generate a PDF report

See more detailed docs to use NVLeak and reproduce results.

NVLeak overview

The NVLeak sub-repo has the following structure

.
├── docs    # Docs for setting up vscode   
├── scripts # Various helper scripts such as grub setup and NVRAM configurations
├── src     # Reverse engineering suite implementation
└── user    # User space covert/side channel and mitigations implementations
    ├── covert_channel
    │   ├── cross_vm             # Cross-VM covert channel
    │   └── inode                # Filesystem inode-based covert channel
    └── side_channel
        ├── bench.sh             # Helper functions for side channel demos
        ├── common.sh            # Common env vars for side channel demos
        ├── data                 # Database dataset
        ├── libpmemobj-cpp       # PMDK library
        ├── map_cli              # PMDK's key-value store side channel
        ├── mitigation_benchmark # PMDK benchmarks to evaluate mitigation performance
        ├── nvleak               # Side channel attacker code
        ├── select_runner.sh     # Helper functions for side channel demos
        ├── setup                # NVRAM set up functions
        ├── shared_lib           # Shared library side channel demos
        ├── sqlite               # SQLite side channel demos
        └── wolfssl              # wolfSSL side channel demos

Cite NVLeak

@inproceedings{Wang2023NVLeak,
  title     = {{NVLeak}: Off-Chip Side-Channel Attacks via Non-Volatile Memory Systems},
  author    = {Zixuan Wang and Mohammadkazem Taram and Daniel Moghimi and Steven Swanson and Dean Tullsen and Jishen Zhao},
  booktitle = {32nd {USENIX} Security Symposium ({USENIX} Security 23)},
  year      = {2023}
}

License

The code is distributed under MIT license unless otherwise stated under sub folders.

About

NVLeak: Off-Chip Side-Channel Attacks via Non-Volatile Memory Systems [USENIX Security '23]

www.thenetadmin.net

Resources

Readme

License

MIT license
Activity

Stars

16 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases

2 tags

Languages