Using Trātṛ to tame Adversarial Synchronization

Yuvraj Patel, Chenhao Ye, Akshat Sinha, Abigail Matthews, Andrea C. Arpaci-Dusseau, Michael M. Swift

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract / Description of output

We show that Linux containers are vulnerable to a new class of attacks – synchronization attacks – that exploit kernel synchronization to harm application performance, where an unprivileged attacker can control the duration of kernel critical sections to stall victims running in other containers on the same operating system. Furthermore, a subset of these attacks – framing attacks – persistently harm performance by expanding data structures even after the attacker quiesces. We demonstrate three such attacks on the Linux kernel involving the inode cache, the directory cache, and the futex table. We design Trātṛ, a Linux kernel extension, to detect and mitigate synchronization and framing attacks with low overhead, prevent attacks from worsening, and recover by repairing data structures to their pre-attack state. Using microbenchmarks and real-world workloads, we show that Trātṛ can detect an attack within seconds and recover instantaneously, guaranteeing similar performance to baseline. Our experiments show that Trātṛ can detect simultaneous attacks and mitigate them with minimal overhead.
Original language: English
Title of host publication: 31st USENIX Security Symposium (USENIX Security 22)
Place of Publication: Boston, MA
Publisher: USENIX Association
Number of pages: 20
ISBN (Print): 978-1-939133-31-1
Publication status: Published - 12 Aug 2022
Event: The 31st USENIX Security Symposium, 2022 - Boston, United States
Duration: 10 Aug 2022 to 12 Aug 2022
Conference number: 31


Symposium: The 31st USENIX Security Symposium, 2022
Country/Territory: United States

