Do you want to publish a course? Click here

STBPU: A Reasonably Safe Branch Predictor Unit

104   0   0.0 ( 0 )
 Added by Tao Zhang
 Publication date 2021
and research's language is English




Ask ChatGPT about the research

Modern processors have suffered a deluge of danger- ous side channel and speculative execution attacks that exploit vulnerabilities rooted in branch predictor units (BPU). Many such attacks exploit the shared use of the BPU between un- related processes, which allows malicious processes to retrieve sensitive data or enable speculative execution attacks. Attacks that exploit collisions between different branch instructions inside the BPU are among the most dangerous. Various protections and mitigations are proposed such as CPU microcode updates, secured cache designs, fencing mechanisms, invisible speculations. While some effectively mitigate speculative execution attacks, they overlook BPU as an attack vector, leaving BPU prone to malicious collisions and resulting critical penalty such as advanced micro-op cache attacks. Furthermore, some mitigations severely hamper the accuracy of the BPU resulting in increased CPU performance overhead. To address these, we present the secret token branch predictor unit (STBPU), a branch predictor design that mitigates collision-based speculative execution attacks and BPU side channel whilst incurring little to no performance overhead. STBPU achieves this by customizing inside data representations for each software entity requiring isolation. To prevent more advanced attacks, STBPU monitors hardware events and preemptively changes how STBPU data is stored and interpreted.



rate research

Read More

Modern systems on a chip (SoCs) utilize heterogeneous architectures where multiple IP cores have concurrent access to on-chip shared resources. In security-critical applications, IP cores have different privilege levels for accessing shared resources, which must be regulated by an access control system. AKER is a design and verification framework for SoC access control. AKER builds upon the Access Control Wrapper (ACW) -- a high performance and easy-to-integrate hardware module that dynamically manages access to shared resources. To build an SoC access control system, AKER distributes the ACWs throughout the SoC, wrapping controller IP cores, and configuring the ACWs to perform local access control. To ensure the access control system is functioning correctly and securely, AKER provides a property-driven security verification using MITRE common weakness enumerations. AKER verifies the SoC access control at the IP level to ensure the absence of bugs in the functionalities of the ACW module, at the firmware level to confirm the secure operation of the ACW when integrated with a hardware root-of-trust (HRoT), and at the system level to evaluate security threats due to the interactions among shared resources. The performance, resource usage, and security of access control systems implemented through AKER is experimentally evaluated on a Xilinx UltraScale+ programmable SoC, it is integrated with the OpenTitan hardware root-of-trust, and it is used to design an access control system for the OpenPULP multicore architecture.
This paper proposes a new block cipher termed as Modular Arithmetic based Block Cipher with Varying Key-Spaces (MABCVK) that uses private key-spaces of varying lengths to encrypt data files. There is a simple but intelligent use of theory of modular arithmetic in the scheme of the cipher. Based on observed implementation of the proposed cipher on a set of real data files of several types, all results are tabulated and analyzed.The schematic strength of the cipher and the freedom of using a long key-space expectedly can make it reasonably nonvulnerable against possible cryptanalytic attacks. As a part of the future scope of the work, it is also intended to formulate and implement an enhanced scheme that will use a carrier image to have a secure transmission of the private key.
Ransomware, a type of malicious software that encrypts a victims files and only releases the cryptographic key once a ransom is paid, has emerged as a potentially devastating class of cybercrimes in the past few years. In this paper, we present RAPTOR, a promising line of defense against ransomware attacks. RAPTOR fingerprints attackers operations to forecast ransomware activity. More specifically, our method learns features of malicious domains by looking at examples of domains involved in known ransomware attacks, and then monitors newly registered domains to identify potentially malicious ones. In addition, RAPTOR uses time series forecasting techniques to learn models of historical ransomware activity and then leverages malicious domain registrations as an external signal to forecast future ransomware activity. We illustrate RAPTORs effectiveness by forecasting all activity stages of Cerber, a popular ransomware family. By monitoring zone files of the top-level domain .top starting from August 30, 2016 through May 31, 2017, RAPTOR predicted 2,126 newly registered domains to be potential Cerber domains. Of these, 378 later actually appeared in blacklists. Our empirical evaluation results show that using predicted domain registrations helped improve forecasts of future Cerber activity. Most importantly, our approach demonstrates the value of fusing different signals in forecasting applications in the cyber domain.
Modern vehicles contain a few controller area networks (CANs), which allow scores of on-board electronic control units (ECUs) to communicate messages critical to vehicle functions and driver safety. CAN provide a lightweight and reliable broadcast protocol but is bereft of security features. As evidenced by many recent research works, CAN exploits are possible both remotely and with direct access, fueling a growing CAN intrusion detection system (IDS) body of research. A challenge for pioneering vehicle-agnostic IDSs is that passenger vehicles CAN message encodings are proprietary, defined and held secret by original equipment manufacturers (OEMs). Targeting detection of next-generation attacks, in which messages are sent from the expected ECU at the expected time but with malicious content, researchers are now seeking to leverage CAN data models, which predict future CAN message contents and use prediction error to identify anomalous, hopefully malicious CAN messages. Yet, current works model CAN signals post-translation, i.e., after applying OEM-donated or reverse-engineered translations from raw data. In this work, we present initial IDS results testing deep neural networks used to predict CAN data at the bit level, thereby providing IDS capabilities but avoiding reverse engineering proprietary encodings. Our results suggest the method is promising for continuous signals in CAN data, but struggles for discrete, e.g., binary, signals.
175 - Onur Mutlu , Jeremie S. Kim 2019
This retrospective paper describes the RowHammer problem in Dynamic Random Access Memory (DRAM), which was initially introduced by Kim et al. at the ISCA 2014 conference~cite{rowhammer-isca2014}. RowHammer is a prime (and perhaps the first) example of how a circuit-level failure mechanism can cause a practical and widespread system security vulnerability. It is the phenomenon that repeatedly accessing a row in a modern DRAM chip causes bit flips in physically-adjacent rows at consistently predictable bit locations. RowHammer is caused by a hardware failure mechanism called {em DRAM disturbance errors}, which is a manifestation of circuit-level cell-to-cell interference in a scaled memory technology. Researchers from Google Project Zero demonstrated in 2015 that this hardware failure mechanism can be effectively exploited by user-level programs to gain kernel privileges on real systems. Many other follow-up works demonstrated other practical attacks exploiting RowHammer. In this article, we comprehensively survey the scientific literature on RowHammer-based attacks as well as mitigation techniques to prevent RowHammer. We also discuss what other related vulnerabilities may be lurking in DRAM and other types of memories, e.g., NAND flash memory or Phase Change Memory, that can potentially threaten the foundations of secure systems, as the memory technologies scale to higher densities. We conclude by describing and advocating a principled approach to memory reliability and security research that can enable us to better anticipate and prevent such vulnerabilities.
comments
Fetching comments Fetching comments
mircosoft-partner

هل ترغب بارسال اشعارات عن اخر التحديثات في شمرا-اكاديميا