DABANGG: New Attack on Intel & AMD chips discovered by Indian IIT researchers

A group of specialists from an information security consulting company revealed research claiming that the latest Intel and AMD processors are vulnerable to a new form of side-channel attack; this attack variant is resistant to noise on the targeted system, making it highly effective against modern processors.

The research, entitled “DABANGG: Time for Fearless Flush based Cache Attacks”, was led by researchers Biswabandan Panda and Anish Saxena of the Indian Institute of Technology (IIT). In their paper, the experts note that this approach builds on the well-known Flush+Reload and Flush+Flush attacks, which have been widely used against Intel devices.

According to the experts from the information security consulting company, this new variant increases the accuracy of the attacks, even on multi-core systems or non-Linux systems such as macOS: “These cache attacks depend on cache latency calibration; a next-generation cache synchronization attack is not effective in real world scenarios, as most operate in a highly controlled environment,” the experts say.

Using the DABANGG variant, the experts were able to create the conditions for the attack to succeed in a real-world scenario, making the attack resistant to system noise; they note that it remains fully functional even in very noisy environments.

The Flush+Reload and Flush+Flush attacks work by flushing a memory line from the cache (with the “clflush” instruction). They then wait for the target process to access that memory line and measure the time the access takes, the experts from the cyber security consulting company mentioned.

The DABANGG attack is similar to the Flush+Reload and Flush+Flush attacks in that it is a flush-based attack and depends on the difference in access time between cached and non-cached memory accesses. However, unlike those attacks, DABANGG makes the thresholds used to differentiate a cache hit from a cache miss reliable.

DABANGG addresses these deficiencies by capturing the processor’s frequency distribution in a pre-attack stage and using it to stabilize the frequency before proceeding with a Flush+Reload or Flush+Flush attack to measure latency, as experts from the International Institute of Cyber Security (IICS) noted.
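The two points above (timing a flushed versus a resident cache line, and the hit/miss threshold that the timing relies on) can be seen in a few lines of C. The program below is an added example written for this article; it is not the DABANGG proof-of-concept and not code from the IIT researchers. It times accesses to a line of its own private buffer, once while the line is cached and once after `clflush`, and derives a threshold from the medians of the two sample sets. The buffer, the sample count and the midpoint threshold rule are assumptions of this example. Running it a few times, with and without other load on the machine, shows how much the two latency distributions move around, which is the calibration problem the article says DABANGG was designed to handle.

```c
/* Added example (not from the DABANGG paper or the article): measures the
 * latency of a cached vs. flushed access with rdtscp/clflush and derives the
 * hit/miss threshold that flush-based cache timing depends on. The buffer,
 * sample count and midpoint threshold rule are assumptions of this example. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#if defined(__x86_64__) || defined(__i386__)
#include <x86intrin.h>
#define HAVE_X86_TIMING 1
#else
#define HAVE_X86_TIMING 0
#endif

#define SAMPLES 1000

/* One timed access. flush=1 evicts the line first (miss), flush=0 leaves it
 * resident (hit). Returns 0 on non-x86 builds so the helpers still compile. */
static uint64_t time_access(volatile uint8_t *p, int flush) {
#if HAVE_X86_TIMING
    unsigned aux;
    if (flush) {
        _mm_clflush((const void *)p);
        _mm_mfence();              /* make sure the flush completed before timing */
    }
    uint64_t t0 = __rdtscp(&aux);  /* rdtscp serialises against earlier loads */
    uint8_t v = *p;                /* the access being timed (volatile: not optimised away) */
    uint64_t t1 = __rdtscp(&aux);
    (void)v;
    return t1 - t0;
#else
    (void)p; (void)flush;
    return 0;
#endif
}

static int cmp_u64(const void *a, const void *b) {
    uint64_t x = *(const uint64_t *)a, y = *(const uint64_t *)b;
    return (x > y) - (x < y);
}

/* Median of a sample set; medians resist the outliers that interrupts and
 * frequency changes add to the raw timings. */
uint64_t median(uint64_t *v, size_t n) {
    uint64_t *copy = malloc(n * sizeof *copy);
    memcpy(copy, v, n * sizeof *copy);
    qsort(copy, n, sizeof *copy, cmp_u64);
    uint64_t m = copy[n / 2];
    free(copy);
    return m;
}

/* Threshold midway between the median hit and median miss latency.
 * Returns 0 when the two distributions do not separate (median hit >= median
 * miss), which is the noisy situation the article describes. */
uint64_t pick_threshold(uint64_t *hits, uint64_t *misses, size_t n) {
    uint64_t h = median(hits, n), m = median(misses, n);
    if (h >= m) return 0;
    return h + (m - h) / 2;
}

/* Classify a single timed access: 1 = cache hit, 0 = cache miss. */
int is_cache_hit(uint64_t cycles, uint64_t threshold) {
    return cycles < threshold;
}

/* Collect SAMPLES hit and SAMPLES miss timings on one line of a private buffer. */
static uint64_t calibrate(volatile uint8_t *line, uint64_t *hits, uint64_t *misses) {
    for (int i = 0; i < SAMPLES; i++) {
        time_access(line, 0);              /* ensure the line is resident */
        hits[i] = time_access(line, 0);    /* timed hit */
        misses[i] = time_access(line, 1);  /* flush, then timed miss */
    }
    return pick_threshold(hits, misses, SAMPLES);
}

int main(void) {
    static uint8_t buf[4096] __attribute__((aligned(64)));
    uint64_t hits[SAMPLES], misses[SAMPLES];
    volatile uint8_t *line = buf + 64;     /* one 64-byte line inside the buffer */
    uint64_t thr = calibrate(line, hits, misses);
    printf("median hit %llu cycles, median miss %llu cycles, threshold %llu\n",
           (unsigned long long)median(hits, SAMPLES),
           (unsigned long long)median(misses, SAMPLES),
           (unsigned long long)thr);
    if (thr == 0)
        puts("hit and miss latencies did not separate: calibration is unreliable here");
    return 0;
}
```

The program only touches its own buffer, so it is a measurement of the machine, not of any other process. The interesting output is how the two medians and the threshold change between runs, between idle and loaded conditions, and between cores; a fixed threshold chosen in a quiet calibration run is what breaks in the noisy conditions the researchers describe.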

The researchers will publish the proof-of-concept source code on GitHub within a couple of weeks. The paper is also available on the researchers’ official platforms.