Hands-On Information
Getting Started
Getting Started
- Go to this document and claim a user.
- Login to your AWS machine. Note: Passwords are usernames prefixed with "isca19-"
- Type isca-cc-help and hit return. Familiarize yourself with these commands and use them to get a feeling for the covert-channels.
- Visualize contention on the L1D channel using isca-cc-create-l1d-contention and isca-cc-graph-l1d-contention
- Checkout the source code and build it
- Each protocol has run-time parameters which change the reliability/performance characteristics. Find these, tweak them, and observe the results.
- If you get here, talk to Yasser for an advanced project!
Getting Help
Getting Help
For help with the covert-channels feel free to email the authors or find us during the tutorial/conference.
- Yasser Shalabi: yshalab2@illinois.edu
- Mohamad El Hajj: melhajj2@illinois.edu
- Shijia Wei: shijiawei@utexas.edu
Machine information
Machine information
Machine 1:
- IP: 54.212.46.99 ( ssh userX@54.212.46.99 )
- Users: user0, user1, ... , user29
Machine 2:
- IP: 52.38.181.62 ( ssh userX@52.38.181.62 )
- Users: user0, user1, ... , user29
Commands
Commands
- pin-send, pin_recv
- isca-cc-help
- isca-cc-pp-fr-send
- isca-cc-pp-fr-recv
- isca-cc-pp-l1d-send
- isca-cc-pp-l1d-recv
- isca-cc-create-l1d-contention
- isca-cc-graph-l1d-contention
- isca-cc-measure-l1d-contention
- isca-cc-pp-llc-send
- isca-cc-pp-llc-recv
Covert-Channels Implementation Info
Covert-Channels Implementation Info
We have implementations for chat clients using covert-channels built on shared physical-memory, shared L1D cache, and shared LLC.
- Flush+Reload sender/receiver (isca-cc-pp-fr-send , isca-cc-pp-fr-recv)
- Shared memory between sender and receivier comes by mmap'ing a shared common file.
- Prime+Probe (isca-cc-pp-l1d-send, isca-cc-pp-l1d-recv, isca-cc-pp-llc-send, isca-cc-pp-llc-recv)
- Two variations: asynchronous and synchronous
- Shared cache -- either L1d or LLC
- asynchronous implementation implement a protocol which works towards establishing a reliable delivery layer on top of an unreliable communication channel.
Links
Links
- User names document -- use this to reserve usernames for the covert-channel machines (available throughout the conference.
- https://docs.google.com/document/d/1hIdM6tTT_1VxsZZUDyXmYGM-OmG6kRbABx6pAYZJrc4/edit
- Sources
- https://github.com/yshalabi/covert-channel-tutorial (ISCA 19 tutorial)
- https://github.com/yshalabi/covert-channel-toolkit (prime+probe L1d covert-channel)
- https://github.com/moehajj/Flush-Reload (flush+reload covert channel)
- https://github.com/0x161e-swei/covert-channel-101 (prime+probe LLC covert-channel)