Exploration for Software Mitigation to Spectre Attacks of Poisoning Indirect Branches
Published in IETE Technical Review, 2018
Baozi Chen, Qingbo Wu, Yusong Tan, Liu Yang, Peng Zou
Traditional security research tries to avoid sensitive information leakage through covert channels by restricting information-flow policies [1] or by data encryption [2]. However, attackers can bypass those restrictions or encryption and leak sensitive data through side channels. Since personal multimedia information is stored in cloud services, privacy protection becomes increasingly important [3–5]. Recently, researchers have discovered a new kind of attack named Spectre, which exploits the speculative behavior of modern processors and side channels [6, 7]. By training the branch predictor, the adversary can misdirect the processor into speculatively executing unauthorized code and leak information through side channels. There are mainly two variants of Spectre attacks: one leverages conditional branches, and the other leverages indirect branches. Mitigating these new attacks is thought to be expensive at the moment because they are based on common optimization techniques in modern processors. Since Spectre utilizes speculative execution and the cache, simply disabling either of the two would cause a great degradation of performance.