16th USENIX Security Symposium – Abstract
Pp. 257–274 of the Proceedings
Memory Performance Attacks: Denial of Memory Service in Multi-Core Systems
Thomas Moscibroda and Onur Mutlu, Microsoft Research
Abstract
We are entering the multi-core era in computer science. All major
high-performance processor manufacturers have integrated at least two
cores (processors) on the same chip — and it is predicted that chips
with many more cores will become widespread in the near future. As
cores on the same chip share the DRAM memory system, multiple programs
executing on different cores can interfere with each others' memory
access requests, thereby adversely affecting one another's
performance.
In this paper, we demonstrate that current multi-core processors are
vulnerable to a new class of Denial of Service (DoS) attacks because
the memory system is “unfairly” shared among multiple cores. An
application can maliciously destroy the memory-related performance of
another application running on the same chip. We call such an
application a memory performance hog (MPH). With the widespread
deployment of multi-core systems in commodity desktop and laptop
computers, we expect MPHs to become a prevalent security issue that
could affect almost all computer users.
We show that an MPH can reduce the performance of another application
by 2.9 times in an existing dual-core system, without being
significantly slowed down itself; and this problem will become more
severe as more cores are integrated on the same chip. Our analysis
identifies the root causes of unfairness in the design of the memory
system that make multi-core processors vulnerable to MPHs. As a
solution to mitigate the performance impact of MPHs, we propose a new
memory system architecture that provides fairness to different
applications running on the same chip. Our evaluations show that this
memory system architecture is able to effectively contain the negative
performance impact of MPHs in not only dual-core but also 4-core and
8-core systems.
- View the full text of this paper in HTML and PDF. Listen to the presentation in MP3 format.
Until August 2008, you will need your USENIX membership identification in order to access the full papers.
The Proceedings are published as a collective work, © 2007 by the USENIX Association. All Rights Reserved. Rights to individual papers remain with the author or the author's employer. Permission is granted for the noncommercial reproduction of the complete work for educational or research purposes. USENIX acknowledges all trademarks within this paper.
|