Short Paper Static and Microarchitectural ML-Based Approaches For Detecting SpectreVulnerabilities and At_tacks Chidera Biringa
2025-05-03
0
0
2.67MB
5 页
10玖币
侵权投诉
Short Paper: Static and Microarchitectural ML-Based Approaches
For Detecting Spectre Vulnerabilities and Aacks
Chidera Biringa
cbiringa@umassd.edu
University of Massachusetts
Dartmouth, USA
Gaspard Baye
bgaspard@umassd.edu
University of Massachusetts
Dartmouth, USA
Gökhan Kul
gkul@umassd.edu
University of Massachusetts
Dartmouth, USA
ABSTRACT
Spectre intrusions exploit speculative execution design vulnerabil-
ities in modern processors. The attacks violate the principles of
isolation in programs to gain unauthorized private user informa-
tion. Current state-of-the-art detection techniques utilize micro-
architectural features or vulnerable speculative code to detect these
threats. However, these techniques are insufficient as Spectre at-
tacks have proven to be more stealthy with recently discovered
variants that bypass current mitigation mechanisms. Side-channels
generate distinct patterns in processor cache, and sensitive infor-
mation leakage is dependent on source code vulnerable to Spectre
attacks, where an adversary uses these vulnerabilities, such as
branch prediction, which causes a data breach. Previous studies
predominantly approach the detection of Spectre attacks using the
microarchitectural analysis, a reactive approach. Hence, in this pa-
per, we present the first comprehensive evaluation of static and
microarchitectural analysis-assisted machine learning approaches
to detect Spectre vulnerable code snippets (preventive) and Spectre
attacks (reactive). We evaluate the performance trade-offs in em-
ploying classifiers for detecting Spectre vulnerabilities and attacks.
CCS CONCEPTS
•Security and privacy
→
Static Code and Microarchitectural
Analysis; • Detection →Machine and Deep Learning.
KEYWORDS
Spectre Vulnerability, Spectre Attack, Gadgets, CPU Processes State
ACM Reference Format:
Chidera Biringa, Gaspard Baye, and Gökhan Kul. 2022. Short Paper: Static
and Microarchitectural ML-Based Approaches For Detecting Spectre Vul-
nerabilities and Attacks. In .,5pages.
1 INTRODUCTION
Speculative execution [
29
] is a
𝜇
arch method used to improve mod-
ern microprocessor performance. In 2018, Kocher et al. [
18
] showed
that components that support speculative execution of assembly in-
structions such as branch predictions leave quantifiable side effects
in processor caches along with other shared resources even with
the absence of instruction commit. Spectre attacks [
18
] are a class of
𝜇
arch attacks that pose a significant threat to a computer’s security
Permission to make digital or hard copies of all or part of this work for personal or
classroom use is granted without fee provided that copies are not made or distributed
for profit or commercial advantage and that copies bear this notice and the full citation
on the first page. Copyrights for components of this work owned by others than ACM
must be honored. Abstracting with credit is permitted. To copy otherwise, or republish,
to post on servers or to redistribute to lists, requires prior specific permission and/or a
fee. Request permissions from permissions@acm.org.
, ,
by revealing private user data through a side-channel cache-timing
attack. Spectre-variant attacks exploit processor branch prediction
to obtain the victim’s data. A holistic and aggressive fix implies re-
thinking the contract between the instruction set architecture (ISA)
and
𝜇
arch [
12
]. This realization led to the development of several
detection [
11
,
20
,
26
,
34
] and mitigation [
36
] solutions. Currently,
𝜇
arch-based detection techniques are dependent on hardware per-
formance measures [
4
,
20
,
21
], which dictate the distribution of
cache stress levels – hits or misses over time. However, attacks can
still propagate with adversarial manipulation of the performance
counters profiling tools such as
perf
. On the other hand, detection
using Spectre vulnerable code snippets [
26
,
34
] is constrained to
known vulnerabilities and side-channel data breaches. Several Spec-
tre mitigation strategies such as LFENCE [
14
] and Kernel Page Table
Isolation (KPTI) [
24
] for solving Meltdown attacks [
22
] attempt to
obtain a viable concession between performance and security. This
approach institutes a strictly enforced security that invariably leads
to a sub-optimal processor performance [
23
,
27
]. Meltdown is an
attack variant similar in principle to Spectre that exploits pipelined
access to memory during out-of-order execution to compromise
and leak user data from the kernel mode of the CPU. Recent studies
in the literature [
4
,
21
,
34
,
38
] have approached the problem of
Spectre attacks as a learning problem with malicious and benign
classes and consequently applying Machine Learning (ML) classi-
fiers to detect this attacks using either vulnerable victim programs
or hardware performance counters (HPCs).
In this study, we are motivated by: (i) the recent availability of
a significant volume of Spectre gadgets to perform Spectre vul-
nerabilities detection using ML [
34
], and (ii) a gap in a thorough
presentation of the trade-offs in performance between ML classi-
fiers using vulnerabilities and attacks data. Before 2021, conducting
ML-assisted Spectre vulnerabilities experiments via victim program
was constrained to no more than 17 observations [
11
,
17
], which is
not ideal and attributed to the fact that ML classifiers, especially
neural networks require large volumes of data to be sufficiently
trained and explored [
7
]. Tol et al. [
34
] solved this problem by using
a combination of mutational fuzzing and deep learning (DL) to gen-
erate a significant number of Spectre-V1 gadgets suitable for ML
and DL experiments. We approach detecting Spectre attacks from
both signature vulnerabilities in code and behavioral characteristics
in CPU-Processes State (CPS) by leveraging the traces of malicious
activity caused by Spectre attacks in the
𝜇
arch and detecting Spectre
vulnerabilities using gadgets. We propose a comprehensive perfor-
mance evaluation of static and cache analysis-assisted machine
learning approaches to detect Spectre-vulnerable programs and
attacks.
摘要:
展开>>
收起<<
ShortPaper:StaticandMicroarchitecturalML-BasedApproachesForDetectingSpectreVulnerabilitiesandA acksChideraBiringacbiringa@umassd.eduUniversityofMassachusettsDartmouth,USAGaspardBayebgaspard@umassd.eduUniversityofMassachusettsDartmouth,USAGökhanKulgkul@umassd.eduUniversityofMassachusettsDartmouth,USA...
声明:本站为文档C2C交易模式,即用户上传的文档直接被用户下载,本站只是中间服务平台,本站所有文档下载所得的收益归上传人(含作者)所有。玖贝云文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。若文档所含内容侵犯了您的版权或隐私,请立即通知玖贝云文库,我们立即给予删除!
相关推荐
-
Michael Moorcock - Elric 6 - StormbringerVIP免费
2024-12-08 6 -
Michael Crichton - PreyVIP免费
2024-12-08 11 -
Mercedes Lackey - WintermoonVIP免费
2024-12-08 7 -
Mercedes Lackey - SE 1- Born To RunVIP免费
2024-12-08 8 -
Mercedes Lackey - Heralds of Valdemar 1 - Arrows Of The QueeVIP免费
2024-12-08 10 -
Melville, Herman - TypeeVIP免费
2024-12-08 15 -
MaryJanice Davidson - [Betsy 5] - Undead and Unpopular (v1.0)VIP免费
2024-12-08 18 -
Marion Zimmer Bradley - Darkover - The Heirs of HammerfellVIP免费
2024-12-08 19 -
MacDonnell, J E - 096 - Execute!VIP免费
2024-12-08 15 -
Lovecraft, H P - The Dream Quest Of Unknown KadadthVIP免费
2024-12-08 21
分类:图书资源
价格:10玖币
属性:5 页
大小:2.67MB
格式:PDF
时间:2025-05-03
作者详情
相关内容
-
2015年6月英语四级真题答案及解析(卷二)
分类:外语学习
时间:2025-05-02
标签:无
格式:PDF
价格:5.8 玖币
-
2015年6月英语四级真题答案及解析(卷三)
分类:外语学习
时间:2025-05-02
标签:无
格式:PDF
价格:5.8 玖币
-
2016年12月六级(第二套)真题
分类:外语学习
时间:2025-05-02
标签:无
格式:PDF
价格:5.8 玖币
-
2016年12月六级(第三套)真题
分类:外语学习
时间:2025-05-02
标签:无
格式:PDF
价格:5.8 玖币
-
2016年12月六级(第一套)真题
分类:外语学习
时间:2025-05-02
标签:无
格式:PDF
价格:5.8 玖币
渝公网安备50010702506394
