Securing Accelerators with Dynamic Information Flow Tracking
Luca Piccolboni, Giuseppe Di Guglielmo, Luca Carloni

TL;DR
This paper demonstrates how accelerators can bypass dynamic information flow tracking (DIFT) security and proposes a hardware solution to restore DIFT's security guarantees with minimal performance and area impact.
Contribution
It reveals the vulnerability of DIFT to accelerators and introduces a hardware-based method to secure DIFT in heterogeneous SoCs.
Findings
Accelerators can break DIFT security.
Hardware solutions can restore DIFT security.
Low overhead hardware implementation is feasible.
Abstract
Systems-on-chip (SoCs) are becoming heterogeneous: they combine general-purpose processor cores with application-specific hardware components, also known as accelerators, to improve performance and energy efficiency. The advantages of heterogeneity, however, come at a price of threatening security. The architectural dissimilarities of processors and accelerators require revisiting the current security techniques. With this hardware demo, we show how accelerators can break dynamic information flow tracking (DIFT), a well-known security technique that protects systems against software-based attacks. We also describe how the security guarantees of DIFT can be re-established with a hardware solution that has low performance and area penalties.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsSecurity and Verification in Computing · Advanced Malware Detection Techniques · Physical Unclonable Functions (PUFs) and Hardware Security
