A Lightweight Delay-based Authentication Scheme for DMA Attack Mitigation

摘要

With the extensive application of the Direct Memory Access (DMA) technique, the efficiency of data transfer between the peripheral and the host machine has been improved dramatically. However, these optimizations also introduce security vulnerabilities and expose the process of data transmission to DMA attacks that utilize the feature of direct access to steal the data stored in the live memory on the victim system. In this paper, we propose a lightweight scheme to provide resilience to DMA attacks without physical and protocol-level modification. The proposed scheme constructs a unique identifier for each DMA-supported PCIe device based on profiling time and builds a trusted database for authentication. The experimental result shows that the proposed methodology eliminates most of the noise produced in the measuring process for identifier construction and the success rate of authentication is 100% for all the devices.