research-article

NDA: Preventing Speculative Execution Attacks at Their Source

Authors:

Kevin Loughlin,

Thomas F. Wenisch,

Baris KasikciAuthors Info & Claims

MICRO '52: Proceedings of the 52nd Annual IEEE/ACM International Symposium on Microarchitecture

Pages 572 - 586

https://doi.org/10.1145/3352460.3358306

Published: 12 October 2019 Publication History

Abstract

Speculative execution attacks like Meltdown and Spectre work by accessing secret data in wrong-path execution. Secrets are then transmitted and recovered by the attacker via a covert channel. Existing mitigations either require code modifications, address only specific exploit techniques, or block only the cache covert channel. Rather than battling exploit techniques and covert channels one by one, we seek to close off speculative execution attacks at their source. Our key observation is that these attacks require a chain of dependent wrong-path instructions to access and transmit secret data. We propose NDA, a technique to restrict speculative data propagation. NDA breaks the attacks' wrong-path dependence chains while still allowing speculation and dynamic scheduling. We describe a design space of NDA variants that differ in the constraints they place on dynamic scheduling and the classes of speculative execution attacks they prevent. NDA preserves much of the performance advantage of out-of-order execution: on SPEC CPU 2017, NDA variants close 68-96% of the performance gap between in-order and unconstrained (insecure) out-of-order execution.

References

[1]

2019. InvisiSpec-1.0 source code. https://github.com/mjyan0720/InvisiSpec-1.0.

[2]

2019. Lapidary: Crafting more beautiful gem5 simulations. https://medium.com/@iangneal/lapidary-crafting-more-beautiful-gem5-simulations-4bc6f6aad717.

[3]

2019. Lapidary: creating beautiful gem5 simulations. https://github.com/efeslab/lapidary.

[4]

Alejandro Cabrera Aldaya, Billy Bob Brumley, Sohaib ul Hassan, Cesar Pereida Garcia, and Nicola Tuveri. 2018. Port Contention for Fun and Profit. Cryptology ePrint Archive, Report 2018/1060. https://eprint.iacr.org/2018/1060.

[5]

Thomas Allan, Billy Bob Brumley, Katrina E. Falkner, Joop van de Pol, and Yuval Yarom. 2016. Amplifying side channels through performance degradation. In ACSAC. ACM, 422--435.

[6]

AMD. 2018. Speculative Store Bypass Disable. https://developer.amd.com/wp-content/resources/124441_AMD64_SpeculativeStoreBypassDisable_Whitepaper_final.pdf.

[7]

Daniel J Bernstein. 2005. Cache-timing attacks on AES. (2005). http://palms.ee.princeton.edu/system/files/Cache-timing+attacks+on+AES.pdf.

[8]

Atri Bhattacharyya, Alexandra Sandulescu, Matthias Neugschwandtner, Alessandro Sorniotti, Babak Falsafi, Mathias Payer, and Anil Kurmus. 2019. SMoTher-Spectre: exploiting speculative execution through port contention. arXiv preprint arXiv:1903.01843 (2019).

[9]

Nathan Binkert, Bradford Beckmann, Gabriel Black, Steven K Reinhardt, Ali Saidi, Arkaprava Basu, Joel Hestness, Derek R Hower, Tushar Krishna, Somayeh Sardashti, et al. 2011. The gem5 simulator. ACM SIGARCH Computer Architecture News 39, 2 (2011), 1--7.

Digital Library

[10]

Joseph Bonneau and Ilya Mironov. 2006. Cache-collision timing attacks against AES. In International Workshop on Cryptographic Hardware and Embedded Systems. Springer, 201--215.

Digital Library

[11]

Erik Buchanan, Ryan Roemer, Hovav Shacham, and Stefan Savage. 2008. When good instructions go bad: Generalizing return-oriented programming to RISC. In Proceedings of the 15th ACM conference on Computer and communications security. ACM, 27--38.

Digital Library

[12]

Claudio Canella, Jo Van Bulck, Michael Schwarz, Moritz Lipp, Benjamin von Berg, Philipp Ortner, Frank Piessens, Dmitry Evtyushkin, and Daniel Gruss. 2018. A Systematic Evaluation of Transient Execution Attacks and Defenses. arXiv preprint arXiv:1811.05441 (2018).

[13]

G. Chen, S. Chen, Y. Xiao, Y. Zhang, Z. Lin, and T. H. Lai. 2019. SgxPectre: Stealing Intel Secrets from SGX Enclaves Via Speculative Execution. In 2019 IEEE European Symposium on Security and Privacy (EuroS P). 142--157. https://doi.org/10.1109/EuroSP.2019.00020

[14]

Yuan Chou, Brian Fahs, and Santosh Abraham. 2004. Microarchitecture optimizations for exploiting memory-level parallelism. In Computer Architecture, 2004. Proceedings. 31st Annual International Symposium on. IEEE, 76--87.

[15]

Debian 2018. Debian Bug report logs - #886367 intel-microcode: spectre microcode updates. Debian. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886367.

[16]

Dmitry Evtyushkin, Ryan Riley, Nael CSE Abu-Ghazaleh, Dmitry Ponomarev, et al. 2018. BranchScope: A New Side-Channel Attack on Directional Branch Predictor. In Proceedings of the Twenty-Third International Conference on Architectural Support for Programming Languages and Operating Systems. ACM, 693--707.

Digital Library

[17]

Jacob Fustos, Farzad Farshchi, and Heechul Yun. 2019. SpectreGuard: An Efficient Data-centric Defense Mechanism against Spectre Attacks. In DAC. 61--1.

[18]

Cesar Pereida Garcia and Billy Bob Brumley. 2017. Constant-Time Callees with Variable-Time Callers. In USENIX Security Symposium. USENIX Association, 83--98.

[19]

Cesar Pereida Garcia, Billy Bob Brumley, and Yuval Yarom. 2016. "Make Sure DSA Signing Exponentiations Really are Constant-Time". In ACM Conference on Computer and Communications Security. ACM, 1639--1650.

[20]

Kourosh Gharachorloo, Anoop Gupta, and John L Hennessy. 1991. Two techniques to enhance the performance of memory consistency models. (1991). https://courses.engr.illinois.edu/cs533/sp2019/reading_list/gharachorloo91two.pdf.

[21]

Google 2018. Retpoline: a software construct for preventing branch-target-injection. Google. https://support.google.com/faqs/answer/7625886.

[22]

Google 2018. Speculative Load Hardening. Google. https://docs.google.com/document/d/1wwcfv3UV9ZnZVcGiGuoITT_61e_Ko3TmoCS3uXLcJR0/edit#heading=h.phdehs44eom6.

[23]

Daniel Gruss, Moritz Lipp, Michael Schwarz, Richard Fellner, Clémentine Maurice, and Stefan Mangard. 2017. Kaslr is dead: long live kaslr. In International Symposium on Engineering Secure Software and Systems. Springer, 161--176.

[24]

Daniel Gruss, Raphael Spreitzer, and Stefan Mangard. 2015. Cache Template Attacks: Automating Attacks on Inclusive Last-Level Caches. In USENIX Security Symposium. USENIX Association, 897--912.

[25]

Intel 2018. Deep Dive: Intel Analysis of L1 Terminal Fault. Intel. https://software.intel.com/security-software-guidance/insights/deep-dive-intel-analysis-l1-terminal-fault.

[26]

Intel 2018. Details and Mitigation Information for Variant 4. Intel. https://newsroom.intel.com/editorials/addressing-new-research-for-side-channel-analysis/#gs.4778nz.

[27]

Intel. 2018. Intel Analysis of Speculative Execution Side Channels. https://software.intel.com/security-software-guidance/api-app/sites/default/files/336983-Intel-Analysis-of-Speculative-Execution-Side-Channels-White-Paper.pdf.

[28]

Intel 2018. Retpoline: A Branch Target Injection Mitigation. Intel. https://software.intel.com/sites/default/files/managed/1d/46/Retpoline-A-Branch-Target-Injection-Mitigation.pdf.

[29]

Intel. 2018. Speculative Execution Side Channel Mitigations. https://software.intel.com/security-software-guidance/api-app/sites/default/files/336996-Speculative-Execution-Side-Channel-Mitigations.pdf.

[30]

Gorka Irazoqui Apecechea, Mehmet Sinan Inci, Thomas Eisenbarth, and Berk Sunar. 2014. Wait a Minute! A fast, Cross-VM Attack on AES. In RAID (Lecture Notes in Computer Science), Vol. 8688. Springer, 299--319.

[31]

Khaled N Khasawneh, Esmaeil Mohammadian Koruyeh, Chengyu Song, Dmitry Evtyushkin, Dmitry Ponomarev, and Nael Abu-Ghazaleh. 2018. SafeSpec: Banishing the Spectre of a Meltdown with Leakage-Free Speculation. arXiv preprint arXiv:1806.05179 (2018).

[32]

Vladimir Kiriansky, Ilia Lebedev, Saman Amarasinghe, Srinivas Devadas, and Joel Emer. 2018. DAWG: A defense against cache timing attacks in speculative execution processors. In 2018 51st Annual IEEE/ACM International Symposium on Microarchitecture (MICRO). IEEE, 974--987.

Digital Library

[33]

Vladimir Kiriansky and Carl Waldspurger. 2018. Speculative buffer overflows: Attacks and defenses. arXiv preprint arXiv:1807.03757 (2018).

[34]

Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, et al. 2019. Spectre Attacks: Exploiting Speculative Execution. In 40th IEEE Symposium on Security and Privacy.

[35]

Esmaeil Mohammadian Koruyeh, Khaled N Khasawneh, Chengyu Song, and Nael Abu-Ghazaleh. 2018. Spectre returns! speculation attacks using the return stack buffer. In 12th USENIX Workshop on Offensive Technologies, WOOT. 13--14.

[36]

Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, et al. 2018. Meltdown: Reading kernel memory from user space. In 27th USENIX Security Symposium (USENIX Security 18). 973--990.

Digital Library

[37]

LWN 2018. A page-table isolation update. LWN. https://lwn.net/Articles/752621/.

[38]

Giorgi Maisuradze and Christian Rossow. 2018. ret2spec: Speculative execution using return stack buffers. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. ACM, 2109--2122.

Digital Library

[39]

Andrea Mambretti, Alexandra Sandulescu, Matthias Neugschwandtner, Alessandro Sorniotti, and Anil Kurmus. 2019. Two methods for exploiting speculative control flow hijacks. In 13th USENIX Workshop on Offensive Technologies (WOOT 19).

[40]

Clémentine Maurice, Christoph Neumann, Olivier Heen, and Aurélien Francillon. 2015. C5: cross-cores cache covert channel. In International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment. Springer, 46--64.

Digital Library

[41]

Ross Mcilroy, Jaroslav Sevcik, Tobias Tebbi, Ben L Titzer, and Toon Verwaest. 2019. Spectre is here to stay: An analysis of side-channels and speculative execution. arXiv preprint arXiv:1902.05178 (2019).

[42]

Frank McKeen, Ilya Alexandrovich, Alex Berenzon, Carlos V Rozas, Hisham Shafi, Vedvyas Shanbhogue, and Uday R Savagaonkar. 2013. Innovative instructions and software model for isolated execution. In Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy. ACM. http://software.intel.com/sites/default/files/article/413936/hasp-2013-innovative-instructions-and-software-model-for-isolated-execution.pdf

[43]

Microsoft 2018. Mitigating speculative execution side channel hardware vulnerabilities. Microsoft. https://blogs.technet.microsoft.com/srd/2018/03/15/mitigating-speculative-execution-side-channel-hardware-vulnerabilities/.

[44]

Microsoft 2018. Protect your Windows devices against Spectre and Meltdown. Microsoft. https://support.microsoft.com/en-us/help/4073757/protect-your-windows-devices-against-spectre-meltdown.

[45]

Marina Minkin, Daniel Moghimi, Moritz Lipp, Michael Schwarz, Jo Van Bulck, Daniel Genkin, Daniel Gruss, Berk Sunar, Frank Piessens, and Yuval Yarom. 2019. Fallout: Reading Kernel Writes From User Space. (2019).

[46]

Oleksii Oleksenko, Bohdan Trach, Tobias Reiher, Mark Silberstein, and Christof Fetzer. 2018. You Shall Not Bypass: Employing data dependencies to prevent Bounds Check Bypass. arXiv preprint arXiv:1805.08506 (2018).

[47]

Dag Arne Osvik, Adi Shamir, and Eran Tromer. 2006. Cache attacks and countermeasures: the case of AES. In Cryptographers' Track at the RSA Conference. Springer, 1--20.

Digital Library

[48]

Lutan Zhao Peinan Li and CAS) Rui Hou (Institute of Information Engineering, CAS); Lixin Zhang (HXT Semiconductor Co.LTD); Dan Meng (Institute of Information Engineering. 2019. Conditional Speculation: An Effective Approach to Safeguard Out-of-Order Execution Against Spectre Attacks. In Proceedings of the 25th IEEE International Symposium on High-Performance Computer Architecture. IEEE.

[49]

Peter Pessl, Leon Groot Bruinderink, and Yuval Yarom. 2017. To BLISS-B or not to be: Attacking strongSwan's Implementation of Post-Quantum Signatures. In CCS. ACM, 1843--1855.

Digital Library

[50]

Peter Pessl, Daniel Gruss, Clémentine Maurice, Michael Schwarz, and Stefan Mangard. 2016. DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks. In USENIX Security Symposium. 565--581.

Digital Library

[51]

Moinuddin K Qureshi. 2019. CEASER: Mitigating Conflict-Based Cache Attacks via Encrypted-Address and Remapping. In Proceedings of 51th International Symposium on Microarchitecture.

[52]

Ryan Roemer, Erik Buchanan, Hovav Shacham, and Stefan Savage. 2012. Return-oriented programming: Systems, languages, and applications. ACM Transactions on Information and System Security (TISSEC) 15, 1 (2012), 2.

Digital Library

[53]

Christos Sakalis, Stefanos Kaxiras, Alberto Ros, Alexandra Jimborean, and Magnus Själander. 2019. Efficient Invisible Speculative Execution Through Selective Delay and Value Prediction. In Proceedings of the 46th International Symposium on Computer Architecture. ACM, 723--735.

Digital Library

[54]

Michael Schwarz, Moritz Lipp, Daniel Moghimi, Jo Van Bulck, Julian Stecklina, Thomas Prescher, and Daniel Gruss. 2019. ZombieLoad: Cross-Privilege-Boundary Data Sampling. arXiv:1905.05726 (2019).

[55]

Michael Schwarz, Martin Schwarzl, Moritz Lipp, and Daniel Gruss. 2018. Net-spectre: Read arbitrary memory over network. arXiv preprint arXiv:1807.10535 (2018).

[56]

Hovav Shacham. 2007. The geometry of innocent flesh on the bone: Return-into-libc without function calls (on the x86). In Proceedings of the 14th ACM conference on Computer and communications security. ACM, 552--561.

Digital Library

[57]

Zhuojia Shen, Jie Zhou, Divya Ojha, and John Criswell. 2019. Restricting Control Flow During Speculative Execution with Venkman. arXiv preprint arXiv:1903.10651 (2019).

[58]

SPEC. 2017. Standard Performance Evaluation Corporation SPEC CPU 2017. https://www.spec.org/cpu2017/.

[59]

Julian Stecklina and Thomas Prescher. 2018. LazyFP: Leaking FPU Register State using Microarchitectural Side-Channels. arXiv preprint arXiv:1806.07480 (2018).

[60]

Mohammadkazem Taram, Ashish Venkat, and Dean Tullsen. 2019. Context-Sensitive Fencing: Securing Speculative Execution via Microcode Customization. In Proceedings of the Twenty-Fourth International Conference on Architectural Support for Programming Languages and Operating Systems.

Digital Library

[61]

Ubuntu 2018. Spectre And Meltdown. Ubuntu. https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown.

[62]

Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F Wenisch, Yuval Yarom, and Raoul Strackx. 2018. Foreshadow: Extracting the keys to the Intel SGX kingdom with transient out-of-order execution. In Proceedings of the 27th USENIX Security Symposium. USENIX Association.

Digital Library

[63]

Jo Van Bulck, Frank Piessens, and Raoul Strackx. 2018. Nemesis: Studying Microarchitectural Timing Leaks in Rudimentary CPU Interrupt Logic. (2018).

[64]

Stephan van Schaik, Alyssa Milburn, Sebastian Ã&Udblac; sterlund, Pietro Frigo, Giorgi Maisuradze, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida. 2019. RIDL: Rogue In-flight Data Load. In S&P.

[65]

Ofir Weisse, Jo Van Bulck, Marina Minkin, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Raoul Strackx, Thomas F. Wenisch, and Yuval Yarom. 2018. Foreshadow-NG: Breaking the Virtual Memory Abstraction with Transient Out-of-Order Execution. Technical report (2018). See also USENIX Security paper Foreshadow [62].

[66]

Zhenyu Wu, Zhang Xu, and Haining Wang. 2012. Whispers in the Hyper-space: High-speed Covert Channel Attacks in the Cloud. In USENIX Security symposium. 159--173.

Digital Library

[67]

Roland E Wunderlich, Thomas F Wenisch, Babak Falsafi, and James C Hoe. 2003. SMARTS: Accelerating microarchitecture simulation via rigorous statistical sampling. In ACM SIGARCH Computer Architecture News, Vol. 31. ACM, 84--97.

Digital Library

[68]

Yunjing Xu, Michael Bailey, Farnam Jahanian, Kaustubh Joshi, Matti Hiltunen, and Richard Schlichting. 2011. An exploration of L2 cache covert channels in virtualized environments. In Proceedings of the 3rd ACM workshop on Cloud computing security workshop. ACM, 29--40.

Digital Library

[69]

Mengjia Yan, Jiho Choi, Dimitrios Skarlatos, Adam Morrison, Christopher W Fletcher, and Josep Torrellas. 2018. InvisiSpec: Making Speculative Execution Invisible in the Cache Hierarchy. In Proceedings of the 51th International Symposium on Microarchitecture (MICRO'18).

Digital Library

[70]

Mengjia Yan, Bhargava Gopireddy, Thomas Shull, and Josep Torrellas. 2017. Secure hierarchy-aware cache replacement policy (SHARP): Defending against cache-based side channel attacks. In Computer Architecture (ISCA), 2017 ACM/IEEE 44th Annual International Symposium on. IEEE, 347--360.

Digital Library

[71]

Mengjia Yan, Yasser Shalabi, and Josep Torrellas. 2016. ReplayConfusion: detecting cache-based covert channel attacks using record and replay. In The 49th Annual IEEE/ACM International Symposium on Microarchitecture. IEEE Press, 39.

[72]

Mengjia Yan, Read Sprabery, Bhargava Gopireddy, Christopher Fletcher, Roy Campbell, and Josep Torrellas. 2019. Attack Directories, Not Caches: Side Channel Attacks in a Non-Inclusive World. In 40th IEEE Symposium on Security and Privacy.

[73]

Yuval Yarom and Katrina Falkner. 2014. Flush+Reload: a High Resolution, Low Noise, L3 Cache Side-Channel Attack. In USENIX Security. 719--732.

[74]

Kenneth C Yeager. 1996. The MIPS R10000 superscalar microprocessor. IEEE micro 16, 2 (1996), 28--41.

[75]

Project Zero. 2018. speculative execution, variant 4: speculative store bypass. https://bugs.chromium.org/p/project-zero/issues/detail?id=1528.

[76]

Yinqian Zhang, Ari Juels, Michael K. Reiter, and Thomas Ristenpart. 2014. Cross-Tenant Side-Channel Attacks in PaaS Clouds. In ACM Conference on Computer and Communications Security. ACM, 990--1003.

Cited By

Gruss D(2025)SpectreEncyclopedia of Cryptography, Security and Privacy10.1007/978-3-030-71522-9_1687(2497-2503)Online publication date: 8-Jan-2025
https://doi.org/10.1007/978-3-030-71522-9_1687
Wu ZZeng HBies ASridharan M(2024)Kawa: An Abstract Language for Scalable and Variable Detection of Spectre VulnerabilitiesCompanion Proceedings of the 2024 ACM SIGPLAN International Conference on Systems, Programming, Languages, and Applications: Software for Humanity10.1145/3689491.3689971(37-39)Online publication date: 20-Oct-2024
https://dl.acm.org/doi/10.1145/3689491.3689971
Davoli DAvanzini MRezk TLuo BLiao XXu JKirda ELie D(2024)On Kernel's Safety in the Spectre Era (And KASLR is Formally Dead)Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security10.1145/3658644.3670332(1091-1105)Online publication date: 2-Dec-2024
https://dl.acm.org/doi/10.1145/3658644.3670332
Show More Cited By

Index Terms

NDA: Preventing Speculative Execution Attacks at Their Source
1. Computer systems organization
  1. Architectures
2. Security and privacy
  1. Security in hardware
    1. Hardware security implementation

Recommendations

A Review on Vulnerabilities to Modern Processors and its Mitigation for Various Variants
Abstract
Recently, security researchers have found two hardware security vulnerabilities namely Spectre and Meltdown, related to computer memory. They are not singular, many variants of these two vulnerabilities are being a head ache for secure hardware ...
Model Checking Speculation-Dependent Security Properties: Abstracting and Reducing Processor Models for Sound and Complete Verification
Codes, Cryptology and Information Security
Abstract
Though modern microprocessors embed several hardware security mechanisms, aimed at guaranteeing confidentiality and integrity of sensible data, recently disclosed attacks such as Spectre and Meltdown witness weaknesses with potentially great ...
SecurityCloak: Protection against cache timing and speculative memory access attacks
Abstract
Microarchitectural innovations such as deep cache hierarchies, out-of-order execution, branch prediction and speculative execution in modern processors have made possible to meet ever-increasing demands for performance. However, these innovations ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

MICRO '52: Proceedings of the 52nd Annual IEEE/ACM International Symposium on Microarchitecture

October 2019

1104 pages

ISBN:9781450369381

DOI:10.1145/3352460

Copyright © 2019 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 12 October 2019

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

MICRO '52

Sponsor:

SIGMICRO

MICRO '52: The 52nd Annual IEEE/ACM International Symposium on Microarchitecture

October 12 - 16, 2019

OH, Columbus, USA

Acceptance Rates

Overall Acceptance Rate 484 of 2,242 submissions, 22%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

84
Total Citations
View Citations
1,398
Total Downloads

Downloads (Last 12 months)155
Downloads (Last 6 weeks)8

Reflects downloads up to 25 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Gruss D(2025)SpectreEncyclopedia of Cryptography, Security and Privacy10.1007/978-3-030-71522-9_1687(2497-2503)Online publication date: 8-Jan-2025
https://doi.org/10.1007/978-3-030-71522-9_1687
Wu ZZeng HBies ASridharan M(2024)Kawa: An Abstract Language for Scalable and Variable Detection of Spectre VulnerabilitiesCompanion Proceedings of the 2024 ACM SIGPLAN International Conference on Systems, Programming, Languages, and Applications: Software for Humanity10.1145/3689491.3689971(37-39)Online publication date: 20-Oct-2024
https://dl.acm.org/doi/10.1145/3689491.3689971
Davoli DAvanzini MRezk TLuo BLiao XXu JKirda ELie D(2024)On Kernel's Safety in the Spectre Era (And KASLR is Formally Dead)Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security10.1145/3658644.3670332(1091-1105)Online publication date: 2-Dec-2024
https://dl.acm.org/doi/10.1145/3658644.3670332
Hajiabadi ACarlson TDe V(2024)Conjuring: Leaking Control Flow via Speculative Fetch AttacksProceedings of the 61st ACM/IEEE Design Automation Conference10.1145/3649329.3655895(1-6)Online publication date: 23-Jun-2024
https://dl.acm.org/doi/10.1145/3649329.3655895
Hajiabadi AAgarwal ADiavastos ACarlson TDe V(2024)Levioso: Efficient Compiler-Informed Secure SpeculationProceedings of the 61st ACM/IEEE Design Automation Conference10.1145/3649329.3655894(1-6)Online publication date: 23-Jun-2024
https://dl.acm.org/doi/10.1145/3649329.3655894
Marinaro TBuiras PLindner AGuanciale RNemati HQuek TGao DZhou JCardenas A(2024)Beyond Over-Protection: A Targeted Approach to Spectre Mitigation and Performance OptimizationProceedings of the 19th ACM Asia Conference on Computer and Communications Security10.1145/3634737.3637651(203-216)Online publication date: 1-Jul-2024
https://dl.acm.org/doi/10.1145/3634737.3637651
Yin YCui JZhang J(2024)CPU Address-Leakage Transient Execution Attack Detection and Its CountermeasuresIEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems10.1109/TCAD.2024.339788043:12(4463-4475)Online publication date: Dec-2024
https://doi.org/10.1109/TCAD.2024.3397880
Li LHuang JFeng LWang Z(2024) Prefender: A Pref etching Def en der Against Cache Side Channel Attacks as a Preten der IEEE Transactions on Computers10.1109/TC.2024.337789173:6(1457-1471)Online publication date: Jun-2024
https://doi.org/10.1109/TC.2024.3377891
Mosier NNemati HMitchell JTrippel C(2024)Serberus: Protecting Cryptographic Code from Spectres at Compile-Time2024 IEEE Symposium on Security and Privacy (SP)10.1109/SP54263.2024.00048(4200-4219)Online publication date: 19-May-2024
https://doi.org/10.1109/SP54263.2024.00048
Aimoniotis PKaxiras S(2024)JANUS: A Simple and Efficient Speculative Defense using Reinforcement Learning2024 IEEE 36th International Symposium on Computer Architecture and High Performance Computing (SBAC-PAD)10.1109/SBAC-PAD63648.2024.00011(25-36)Online publication date: 13-Nov-2024
https://doi.org/10.1109/SBAC-PAD63648.2024.00011
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten