Spectre Attacks: Exploiting Speculative Execution

Kocher, Paul; Horn, Jann; Fogh, Anders; Genkin, Daniel; Gruss, Daniel; Haas, Werner; Hamburg, Mike; Lipp, Moritz; Mangard, Stefan; Prescher, Thomas; Schwarz, Michael; Yarom, Yuval

doi:10.1109/sp.2019.00002

Cited by 1,274 publications

(1,407 citation statements)

References 27 publications

Supporting

Mentioning

1,283

Contrasting

Unclassified

Order By: Relevance

“…Whilst performance.now(), and associated high resolution time-stamps, offer the greatest accuracy, the resolution has been reduced intentionally by all major browsers to mitigate against certain security threats (Schwarz, Maurice, Gruss & Mangard, 2017;Kocher et al, 2018). In most browsers the adjusted resolution is rounded to the nearest 1-5 ms, with 1 ms being the most common (Mozilla, 2019) -this is unlikely to be a permanent change, and will be improved when the vulnerabilities are better understood (Ritter, Mozilla, 2018;Mozilla, 2019).…”

Section: Timing Controlmentioning

confidence: 99%

Gorilla in our Midst: An online behavioral experiment builder

Anwyl-Irvine

Massonnié

Flitton

et al. 2018

Preprint

167

162

View full text Add to dashboard Cite

Behavioural researchers are increasingly conducting their studies online to gain access to large and diverse samples that would be difficult to get in a laboratory environment. However, there are technical access barriers to building experiments online, and web-browsers can present problems for consistent timingan important issue with reaction time-sensitive measures. For example, to ensure accuracy and test-retest reliability in presentation and response recording, experimenters need a working knowledge of programming languages such as JavaScript. We review some of the previous and current tools for online behavioural research, and how well they address the issues of usability and timing. We then present The Gorilla Experiment Builder (gorilla.sc) a fully tooled experiment authoring and deployment platform, designed to resolve many timing issues, and make reliable online experimentation open and accessible to a wider range of technical abilities. In order to demonstrate the platform's aptitude for accessible, reliable and scalable research, we administered the task with a range of participant groups (primary school children and adults), settings (without supervision, at home, and under supervision, in schools and public engagement events), equipment (own computers, computer supplied by researcher), and connection types (personal internet connection, mobile phone 3G/4G). We used a simplified flanker task, taken from the Attentional Networks Task (Rueda, Posner, & Rothbart, 2004). We replicated the 'conflict network' effect in all these populations, demonstrating the platform's capability to run reaction timesensitive experiments. Unresolved limitations of running experiments online are then discussed, along with potential solutions, and some future features of the platform.

show abstract

Section: Timing Controlmentioning

confidence: 99%

Gorilla in our Midst: An online behavioral experiment builder

Anwyl-Irvine

Massonnié

Flitton

et al. 2018

Preprint

167

162

View full text Add to dashboard Cite

show abstract

“…• Can perform some malicious behaviors even if the service had initially the minimum amount of privileges to accomplish its functions, • Can compromise a privileged service or elevate the privileges of a compromised service to superuser, • Cannot exploit software-triggered hardware vulnerabilities (e.g., side-channel attacks [35,38,41,60]), • Do not have physical access to the platform.…”

Section: Threat Model and Assumptionsmentioning

confidence: 99%

Survivor

Chevalier

Plaquin

Dalton

et al. 2019

Proceedings of the 35th Annual Computer Security Applications Conference

View full text Add to dashboard Cite

Despite the deployment of preventive security mechanisms to protect the assets and computing platforms of users, intrusions eventually occur. We propose a novel intrusion survivability approach to withstand ongoing intrusions. Our approach relies on an orchestration of fine-grained recovery and per-service responses (e.g., privileges removal). Such an approach may put the system into a degraded mode. This degraded mode prevents attackers to reinfect the system or to achieve their goals if they managed to reinfect it. It maintains the availability of core functions while waiting for patches to be deployed. We devised a cost-sensitive response selection process to ensure that while the service is in a degraded mode, its core functions are still operating. We built a Linux-based prototype and evaluated the effectiveness of our approach against different types of intrusions. The results show that our solution removes the effects of the intrusions, that it can select appropriate responses, and that it allows services to survive when reinfected. In terms of performance overhead, in most cases, we observed a small overhead, except in the rare case of services that write many small files asynchronously in a burst, where we observed a higher but acceptable overhead. CCS CONCEPTS• Security and privacy → Operating systems security; Malware and its mitigation.

show abstract

“…The input-output attacker manipulates the data inputs of an embedded software application to trigger internal buffer overflows or internal software bugs in the application. The memory attacker co-exists with the embedded software application, for example as a malicious software task, and snoops the memory space in order to directly manipulate or observe a secure embedded application [1], [2]. Both of these attackers succeed because they break an implicit assumption made by the secure embedded software application.…”

Section: Introductionmentioning

confidence: 99%

Fault Attacks on Secure Embedded Software: Threats, Design, and Evaluation

Yuce

Schaumont

Witteman³

2018

J Hardw Syst Secur

View full text Add to dashboard Cite

Embedded software is developed under the assumption that hardware execution is always correct. Fault attacks break and exploit that assumption. Through the careful introduction of targeted faults, an adversary modifies the controlflow or data-flow integrity of software. The modified program execution is then analyzed and used as a source of information leakage, or as a mechanism for privilege escalation. Due to the increasing complexity of modern embedded systems, and due to the difficulty of guaranteeing correct hardware execution even under a weak adversary, fault attacks are a growing threat. For example, the assumption that an adversary has to be close to the physical execution of software, in order to inject an exploitable fault into hardware, has repeatedly been shown to be incorrect. This article is a review on hardware-based fault attacks on software, with emphasis on the context of embedded systems. We present a detailed discussion of the anatomy of a fault attack, and we make a review of fault attack evaluation techniques. The paper emphasizes the perspective from the attacker, rather than the perspective of countermeasure development. However, we emphasize that improvements to countermeasures often build on insight into the attacks.

show abstract

Spectre Attacks: Exploiting Speculative Execution

Cited by 1,274 publications

References 27 publications

Gorilla in our Midst: An online behavioral experiment builder

Gorilla in our Midst: An online behavioral experiment builder

Survivor

Fault Attacks on Secure Embedded Software: Threats, Design, and Evaluation

Contact Info

Product

Resources

About