Timing side channels arise in software when a program’s execution time can be correlated with security-sensitive program input. Recent results on software side-channel detection focus on analysis of program’s source code. However, runtime behavior, in particular optimizations introduced during just-in-time (JIT) compilation, can impact or even introduce timing side channels in programs. In this paper, we present a technique for automatically detecting such JIT-induced timing side channels in Java programs. We first introduce patterns to detect partitions of secret input potentially separable by side channels. Then we present an automated approach for exploring behaviors of the Java Virtual Machine (JVM) to identify states where timing channels separating these partitions arise. We evaluate our technique on three datasets used in recent work on side-channel detection. We find that many code variants labeled ``safe'' with respect to side-channel vulnerabilities are in fact vulnerable to JIT-induced timing side channels. Our results directly contradict the conclusions of four separate state-of-the-art program analysis tools for side-channel detection and demonstrate that JIT-induced side channels are prevalent and can be detected automatically.
Sat 11 JulDisplayed time zone: (UTC) Coordinated Universal Time change
00:00 - 01:00 | |||
00:00 12mTalk | Typestate-Guided Fuzzer for Discovering Use-after-Free VulnerabilitiesTechnical Technical Papers Haijun Wang Ant Financial Services Group, China; CSSE, Shenzhen University, China, Xiaofei Xie Nanyang Technological University, Yi Li Nanyang Technological University, Cheng Wen Xidian University, Yuekang Li Nanyang Technological University, Yang Liu Nanyang Technological University, Singapore, Shengchao Qin University of Teesside, Hongxu Chen Research Associate, Yulei Sui University of Technology Sydney, Australia Link to publication DOI Pre-print | ||
00:12 12mTalk | sFuzz: An Efficient Adaptive Fuzzer for Solidity Smart ContractsTechnical Technical Papers Tai D. Nguyen Singapore Management University, Long H. Pham Singapore University of Technology and Design, Jun Sun Singapore Management University, Yun Lin National University of Singapore, Minh Quang Tran Ho Chi Minh City University of Technology | ||
00:24 12mTalk | Planning for Untangling: Predicting the Difficulty of Merge ConflictsTechnical Technical Papers Caius Brindescu Oregon State University, Iftekhar Ahmed University of California at Irvine, USA, Rafael Leano Oregon State University, Anita Sarma Oregon State University | ||
00:36 12mTalk | Gang of Eight: A Defect Taxonomy for Infrastructure as Code ScriptsTechnical Technical Papers Akond Rahman Tennessee Tech University, Effat Farhana North Carolina State University, Chris Parnin North Carolina State University, Laurie Williams North Carolina State University Pre-print | ||
00:48 12mTalk | JVM Fuzzing for JIT-Induced Side-Channel DetectionTechnical Technical Papers Tegan Brennan University of California, Santa Barbara, Seemanta Saha University of California Santa Barbara, Tevfik Bultan University of California, Santa Barbara |