SpecDefender: Transient Execution Attack Defender using Performance Counters - Equipe Secure and Safe Hardware Accéder directement au contenu
Communication Dans Un Congrès Année : 2022

SpecDefender: Transient Execution Attack Defender using Performance Counters

Amit Choudhari
  • Fonction : Auteur
  • PersonId : 1173972
Sylvain Guilley
Khaled Karray
  • Fonction : Auteur

Résumé

Side-channel attacks based on speculative execution have gained enough traction for researchers. This has resulted in the development of more creative variants of Spectre and its defences. However, many of these defence strategies end up making speculative execution or branch prediction ineffective. While these techniques protect the system, they cut down performance by more than 50%. Hence, these solutions cannot be deployed. In this paper, we present a framework that not only protects against different variants of Spectre but also maintains the performance. We prototyped this framework using a novel tool SpecDefender. It leverages Hardware Performance Counter (HPC) registers to dynamically detect active Spectre attacks and performs dynamic instrumentation to defend against them. This makes the tool widely applicable without any need for static analysis. Overall, the tool brings back the balance between performance and security. The tool was evaluated based on its accuracy and precision to detect an attack in different scenarios. It exhibit ¿90% precision when five out of ten processes were simultaneously attacked. The response time for the tool to detect is 2 sec. Furthermore, the throughput of the process under attack was comparable to normal execution in presence of SpecDefender.
Fichier principal
Vignette du fichier
hal.pdf (835.54 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)

Dates et versions

hal-03812717 , version 1 (12-10-2022)
hal-03812717 , version 2 (12-11-2022)

Identifiants

  • HAL Id : hal-03812717 , version 1

Citer

Amit Choudhari, Sylvain Guilley, Khaled Karray. SpecDefender: Transient Execution Attack Defender using Performance Counters. Sixth Workshop on Attacks and Solutions in Hardware Security ( ASHES 2022 ), Nov 2022, Los Angeles, United States. ⟨hal-03812717v1⟩

Collections

LTCI COMELEC SSH
129 Consultations
199 Téléchargements

Partager

Gmail Facebook X LinkedIn More