Conference Papers

SpecDefender: Transient Execution Attack Defender using Performance Counters

Amit Choudhari, Sylvain Guilley, Khaled Karray

Abstract

Side-channel attacks based on speculative execution have gained traction among researchers. This has resulted in the development of more creative variants of Spectre and its defences. However, many of these defence strategies end up making speculative execution or branch prediction ineffective. While these techniques protect the system, they cut down performance by more than 50%. Hence, these solutions cannot be deployed. In this paper, we present a framework that not only protects against different variants of Spectre but also maintains the performance. We prototyped this framework using a novel tool, SpecDefender. It leverages Hardware Performance Counter (HPC) registers to dynamically detect active Spectre attacks and performs dynamic instrumentation to defend against them. This makes the tool widely applicable without any need for static analysis. Overall, the tool brings back the balance between performance and security. The tool was evaluated based on its accuracy and precision to detect an attack in different scenarios. It exhibits >90% precision when five out of ten processes were simultaneously attacked. The response time for the tool to detect is 2 sec. Furthermore, the throughput of the process under attack was comparable to normal execution in the presence of SpecDefender.
Main file: hal.pdf (835.54 KB)
Origin : Files produced by the author(s)

Dates and versions

hal-03812717 , version 1 (12-10-2022)
hal-03812717 , version 2 (12-11-2022)

Identifiers

  • HAL Id : hal-03812717 , version 1

Cite

Amit Choudhari, Sylvain Guilley, Khaled Karray. SpecDefender: Transient Execution Attack Defender using Performance Counters. Sixth Workshop on Attacks and Solutions in Hardware Security (ASHES 2022), Nov 2022, Los Angeles, United States. ⟨hal-03812717v1⟩

Collections

LTCI COMELEC SSH