Multi-Agent Cross-Platform Detection of Meltdown and Spectre Attacks

Abstract

Modern processors use out-of-order and speculative execution to maximize performance. However, these types of optimization executions may leak users' confidential information to another malicious party through a side channel, as can be seen from the notorious Meltdown and Spectre poC attacks. Although some big companies have released software patches and updates to work around the hardware problems, however, they might inadvertently cause some stability or performance issues, especially for Windows systems. Furthermore, some legacy systems are never going to be patched, such as XP systems. Therefore, we provide a more proactive method, a multi-agent way of detecting Meltdown and Spectre on Windows (including the XP System), Linux and OS X Systems. Experiments show that our detection mechanism is very effective in detecting these attacks for all the major existing operating systems.