Specularizer : Detecting Speculative Execution Attacks via Performance Tracing-Reference-Cited by-同舟云学术

Specularizer : Detecting Speculative Execution Attacks via Performance Tracing

Published:2021 Issue: Volume: Page:151-172
ISSN:0302-9743
Container-title:Detection of Intrusions and Malware, and Vulnerability Assessment
language:
Short-container-title:

Author:

Wang Wubing,Chen Guoxing,Cheng Yueqiang,Zhang Yinqian,Lin Zhiqiang

Abstract

AbstractThis paper presents Specularizer, a framework for uncovering speculative execution attacks using performance tracing features available in commodity processors. It is motivated by the practical difficulty of eradicating such vulnerabilities in the design of CPU hardware and operating systems and the principle of defense-in-depth. The key idea of Specularizer is the use of Hardware Performance Counters and Processor Trace to perform lightweight monitoring of production applications and the use of machine learning techniques for identifying the occurrence of the attacks during offline forensics analysis. Different from prior works that use performance counters to detect side-channel attacks, Specularizer monitors triggers of the critical paths of the speculative execution attacks, thus making the detection mechanisms robust to different choices of side channels used in the attacks. To evaluate Specularizer, we model all known types of exception-based and misprediction-based speculative execution attacks and automatically generate thousands of attack variants. Experimental results show that Specularizer yields superior detection accuracy and the online tracing of Specularizer incur reasonable overhead.

Publisher

Springer International Publishing

Link

https://link.springer.com/content/pdf/10.1007/978-3-030-80825-9_8

Reference52 articles.

1. Deep dive: Intel analysis of microarchitectural data sampling (2019). https://software.intel.com/security-software-guidance/insights/deep-dive-intel-analysis-microarchitectural-data-sampling

2. Intel analysis of speculative execution side channels. Revision 4.0. Accessed July 2018

3. Mitigating speculative execution side channel hardware vulnerabilities (2018). https://msrc-blog.microsoft.com/2018/03/15/%20mitigating-%20speculative-%20execution-%20side-%20channel-%20hardware-%20vulnerabilities/

4. Speculative execution side channel mitigations (2018). http://kib.kiev.ua/x86docs/SDMs/336996-001.pdf. Revision 1.0, January 2018

5. Deep dive: Intel analysis of l1 terminal fault (2019). https://software.intel.com/security-software-guidance/insights/deep-dive-intel-analysis-l1-terminal-fault

Cited by 3 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Side Channel-Assisted Inference Attacks on Machine Learning-Based ECG Classification;2023 IEEE/ACM International Conference on Computer Aided Design (ICCAD);2023-10-28

2. Research on Security Technology of Processor Branch Prediction;2022 International Conference on Computing, Communication, Perception and Quantum Technology (CCPQT);2022-08

3. MADFAM: MicroArchitectural Data Framework and Methodology;IEEE Access;2022