Meltdown和Spectre攻击的多代理跨平台检测

2018 15th International Conference on Control, Automation, Robotics and Vision (ICARCV) Pub Date : 2018-11-01 DOI:10.1109/ICARCV.2018.8581146

Xinxing Zhao, C. S. Veerappan, P. Loh, Zhaohui Tang, Forest Tan

{"title":"Meltdown和Spectre攻击的多代理跨平台检测","authors":"Xinxing Zhao, C. S. Veerappan, P. Loh, Zhaohui Tang, Forest Tan","doi":"10.1109/ICARCV.2018.8581146","DOIUrl":null,"url":null,"abstract":"Modern processors use out-of-order and speculative execution to maximize performance. However, these types of optimization executions may leak users' confidential information to another malicious party through a side channel, as can be seen from the notorious Meltdown and Spectre poC attacks. Although some big companies have released software patches and updates to work around the hardware problems, however, they might inadvertently cause some stability or performance issues, especially for Windows systems. Furthermore, some legacy systems are never going to be patched, such as XP systems. Therefore, we provide a more proactive method, a multi-agent way of detecting Meltdown and Spectre on Windows (including the XP System), Linux and OS X Systems. Experiments show that our detection mechanism is very effective in detecting these attacks for all the major existing operating systems.","PeriodicalId":395380,"journal":{"name":"2018 15th International Conference on Control, Automation, Robotics and Vision (ICARCV)","volume":"6 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Multi-Agent Cross-Platform Detection of Meltdown and Spectre Attacks\",\"authors\":\"Xinxing Zhao, C. S. Veerappan, P. Loh, Zhaohui Tang, Forest Tan\",\"doi\":\"10.1109/ICARCV.2018.8581146\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Modern processors use out-of-order and speculative execution to maximize performance. However, these types of optimization executions may leak users' confidential information to another malicious party through a side channel, as can be seen from the notorious Meltdown and Spectre poC attacks. Although some big companies have released software patches and updates to work around the hardware problems, however, they might inadvertently cause some stability or performance issues, especially for Windows systems. Furthermore, some legacy systems are never going to be patched, such as XP systems. Therefore, we provide a more proactive method, a multi-agent way of detecting Meltdown and Spectre on Windows (including the XP System), Linux and OS X Systems. Experiments show that our detection mechanism is very effective in detecting these attacks for all the major existing operating systems.\",\"PeriodicalId\":395380,\"journal\":{\"name\":\"2018 15th International Conference on Control, Automation, Robotics and Vision (ICARCV)\",\"volume\":\"6 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 15th International Conference on Control, Automation, Robotics and Vision (ICARCV)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICARCV.2018.8581146\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 15th International Conference on Control, Automation, Robotics and Vision (ICARCV)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICARCV.2018.8581146","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

摘要

现代处理器使用乱序和推测执行来最大化性能。然而，这些类型的优化执行可能会通过侧通道将用户的机密信息泄露给另一个恶意方，从臭名昭著的Meltdown和Spectre poC攻击中可以看出。尽管一些大公司已经发布了软件补丁和更新来解决硬件问题，但是，它们可能会在无意中造成一些稳定性或性能问题，特别是对于Windows系统。此外，一些遗留系统永远不会打补丁，比如XP系统。因此，我们提供了一种更主动的方法，一种在Windows(包括XP系统)，Linux和OS X系统上检测Meltdown和Spectre的多代理方法。实验表明，我们的检测机制在检测现有所有主要操作系统的这些攻击方面非常有效。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Multi-Agent Cross-Platform Detection of Meltdown and Spectre Attacks

Modern processors use out-of-order and speculative execution to maximize performance. However, these types of optimization executions may leak users' confidential information to another malicious party through a side channel, as can be seen from the notorious Meltdown and Spectre poC attacks. Although some big companies have released software patches and updates to work around the hardware problems, however, they might inadvertently cause some stability or performance issues, especially for Windows systems. Furthermore, some legacy systems are never going to be patched, such as XP systems. Therefore, we provide a more proactive method, a multi-agent way of detecting Meltdown and Spectre on Windows (including the XP System), Linux and OS X Systems. Experiments show that our detection mechanism is very effective in detecting these attacks for all the major existing operating systems.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2018 15th International Conference on Control, Automation, Robotics and Vision (ICARCV)

自引率

0.00%

发文量