Junying Huang, Jing Ye, Xiaochun Ye, Da Wang, Dongrui Fan, Huawei Li, Xiaowei Li, Zhimin Zhang
{"title":"指令漏洞测试及针对DVFS攻击的代码优化","authors":"Junying Huang, Jing Ye, Xiaochun Ye, Da Wang, Dongrui Fan, Huawei Li, Xiaowei Li, Zhimin Zhang","doi":"10.1109/ITC-Asia.2019.00022","DOIUrl":null,"url":null,"abstract":"With the growing cost of powering and cooling, the Dynamic Voltage Frequency Scaling (DVFS) technique has been adopted in many mobiles and embedded devices nowadays. However, attackers are capable of maliciously manipulating the DVFS to threaten application programs including the security related ones. This paper first proposes a test method to test the vulnerabilities of CPU instructions under the DVFS attack. The test program feature, the testability of CPU instructions, and the Test Program Generation Algorithm (TPGA) are proposed. It is applied to an arm CPU in a mobile phone. Typical instructions are tested, and some are found vulnerable. Then, based on the test result, a method for code optimization by instruction substitution is proposed. The application program using vulnerable instructions are then attacked and optimized to prove the effectiveness of the proposed methods.","PeriodicalId":348469,"journal":{"name":"2019 IEEE International Test Conference in Asia (ITC-Asia)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Instruction Vulnerability Test and Code Optimization Against DVFS Attack\",\"authors\":\"Junying Huang, Jing Ye, Xiaochun Ye, Da Wang, Dongrui Fan, Huawei Li, Xiaowei Li, Zhimin Zhang\",\"doi\":\"10.1109/ITC-Asia.2019.00022\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"With the growing cost of powering and cooling, the Dynamic Voltage Frequency Scaling (DVFS) technique has been adopted in many mobiles and embedded devices nowadays. However, attackers are capable of maliciously manipulating the DVFS to threaten application programs including the security related ones. This paper first proposes a test method to test the vulnerabilities of CPU instructions under the DVFS attack. The test program feature, the testability of CPU instructions, and the Test Program Generation Algorithm (TPGA) are proposed. It is applied to an arm CPU in a mobile phone. Typical instructions are tested, and some are found vulnerable. Then, based on the test result, a method for code optimization by instruction substitution is proposed. The application program using vulnerable instructions are then attacked and optimized to prove the effectiveness of the proposed methods.\",\"PeriodicalId\":348469,\"journal\":{\"name\":\"2019 IEEE International Test Conference in Asia (ITC-Asia)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 IEEE International Test Conference in Asia (ITC-Asia)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ITC-Asia.2019.00022\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE International Test Conference in Asia (ITC-Asia)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ITC-Asia.2019.00022","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Instruction Vulnerability Test and Code Optimization Against DVFS Attack
With the growing cost of powering and cooling, the Dynamic Voltage Frequency Scaling (DVFS) technique has been adopted in many mobiles and embedded devices nowadays. However, attackers are capable of maliciously manipulating the DVFS to threaten application programs including the security related ones. This paper first proposes a test method to test the vulnerabilities of CPU instructions under the DVFS attack. The test program feature, the testability of CPU instructions, and the Test Program Generation Algorithm (TPGA) are proposed. It is applied to an arm CPU in a mobile phone. Typical instructions are tested, and some are found vulnerable. Then, based on the test result, a method for code optimization by instruction substitution is proposed. The application program using vulnerable instructions are then attacked and optimized to prove the effectiveness of the proposed methods.