Spectector: Principled detection of speculative information flows
Since the advent of Spectre, a number of counter-measures have been proposed and
deployed. Rigorously reasoning about their effectiveness, however, requires a well-defined …
deployed. Rigorously reasoning about their effectiveness, however, requires a well-defined …
Speccfi: Mitigating spectre attacks using cfi informed speculation
EM Koruyeh, SHA Shirazi… - … IEEE Symposium on …, 2020 - ieeexplore.ieee.org
Spectre attacks and their many subsequent variants are a new vulnerability class affecting
modern CPUs. The attacks rely on the ability to misguide speculative execution, generally by …
modern CPUs. The attacks rely on the ability to misguide speculative execution, generally by …
A formal approach to secure speculation
Transient execution attacks like Spectre, Meltdown and Foreshadow have shown that
combinations of microarchitectural side-channels can be synergistically exploited to create …
combinations of microarchitectural side-channels can be synergistically exploited to create …
Automatic detection of speculative execution combinations
Modern processors employ different speculation mechanisms to speculate over different
kinds of instructions. Attackers can exploit these mechanisms simultaneously in order to …
kinds of instructions. Attackers can exploit these mechanisms simultaneously in order to …
ret2spec: Speculative execution using return stack buffers
G Maisuradze, C Rossow - Proceedings of the 2018 ACM SIGSAC …, 2018 - dl.acm.org
Speculative execution is an optimization technique that has been part of CPUs for over a
decade. It predicts the outcome and target of branch instructions to avoid stalling the …
decade. It predicts the outcome and target of branch instructions to avoid stalling the …
Smotherspectre: exploiting speculative execution through port contention
A Bhattacharyya, A Sandulescu… - Proceedings of the …, 2019 - dl.acm.org
Spectre, Meltdown, and related attacks have demonstrated that kernels, hypervisors, trusted
execution environments, and browsers are prone to information disclosure through micro …
execution environments, and browsers are prone to information disclosure through micro …
Hardware-software contracts for secure speculation
Since the discovery of Spectre, a large number of hardware mechanisms for secure
speculation has been proposed. Intuitively, more defensive mechanisms are less efficient …
speculation has been proposed. Intuitively, more defensive mechanisms are less efficient …
Hunting the haunter-efficient relational symbolic execution for spectre with haunted relse
Spectre are microarchitectural attacks which were made public in January 2018. They allow
an attacker to recover secrets by exploiting speculations. Detection of Spectre is particularly …
an attacker to recover secrets by exploiting speculations. Detection of Spectre is particularly …
Muontrap: Preventing cross-domain spectre-like attacks by capturing speculative state
S Ainsworth, TM Jones - 2020 ACM/IEEE 47th Annual …, 2020 - ieeexplore.ieee.org
The disclosure of the Spectre speculative-execution attacks in January 2018 has left a
severe vulnerability that systems are still struggling with how to patch. The solutions that …
severe vulnerability that systems are still struggling with how to patch. The solutions that …
Safespec: Banishing the spectre of a meltdown with leakage-free speculation
Speculative attacks, such as Spectre and Meltdown, target speculative execution to access
privileged data and leak it through a side-channel. In this paper, we introduce (SafeSpec), a …
privileged data and leak it through a side-channel. In this paper, we introduce (SafeSpec), a …