Macchiato: Importing Cache Side Channels to SDNs

Abstract

Since caches are shared and coherent, a memory access of one process may evict from the cache another process' memory block with an address mapped to the same cache line. This property is exploited by several attacks to form side channels. We show that MAC learning in Software Defined Networks (SDNs) has a similar property in the sense that a MAC address discovered by one network device may be revoked by the discovery of the same address at another switch. This allows us to implement Macchiato, a covert channel for SDNs between any two network devices (including hosts); prior SDN covert channels required at least one malicious switch. We evaluate a prototype implementation of Macchiato and discuss how methods to improve the performance of cache side channels (such as deep neural networks) can also be used in Macchiato.