Title:  Covert/Side Channel Analysis, Modeling and Capacity Estimation

Committee: 

Dr. Zajic, Advisor

Dr. Prvulovic, Co-Advisor       

Dr. Bloch, Chair

Dr. Keromytis

Abstract:

The objective of the proposed research is to analyze, model, and estimate the capacity of side/covert channels to comprehend the severity of information leakage that is a result of hardware and software activities, and to create guidelines to minimize emanations to enable system designs more resilient to side/covert channel attacks.  Side/Covert channels are asynchronous channels which are not designed nor intended to transfer information. These channels are generated as a side effect of performing legitimate program activity on the hardware of computer systems. Various approaches have been proposed in the literature to model such channels to analyze and estimate information leakage capacity. Main drawbacks of current approaches are that they do not consider 1) asynchronous nature of side/covert channels, 2) variability in execution time of each instruction, and 3) interrupts due to other software activities. Ignoring any of these features can result in underestimating the severity of information leakage, and inaccurate models that can mislead the analysis of these channels. To successfully evaluate the severity of side/covert channels, the first objective of this thesis is to define metrics which allow us to assign energy consumption per instruction. The second objective is to exploit the metrics to estimate the leakage capacity of EM based side channels by establishing a connection with Shannon's capacity definition. The third objective is to model and analyze a covert channel, which is deliberately generated with electromagnetic (EM) emanations due to computer activities, by adopting methodologies from conventional communication systems. Finally, the last objective is to model side channel signals emanated while executing instruction sequences on a processor.  The proposed work provides a deep understanding of side/covert channels generated by program activities which can be utilized to secure devices by optimizing their designs to minimize information leakage.