New Search

Export article

A Defense Mechanism Against Transient Execution Attacks On SMT Processors

Xin Jin, Ningmei Yu

Abstract: Transient execution attack does not affect the state of processor microarchitecture, which breaks the traditional definition of correct execution. It not only brings great challenges to the industrial product security, but also opens up a new research direction for the academic community. This paper proposes a defense mechanism for SMT processors against launching transient execution attacks using shared cache. The main structure includes two parts, a security shadow label and a transient execution cache. In the face of the side channel attacks widely used by transient execution attack, our defense mechanism adds a security shadow label to the memory request from the thread with high security requirement, so that the shared cache can distinguish the cache requests from different security level threads. At the same time, based on the record of security shadow label, the transient execution cache is used to preserve the historical data, so as to realize the repair of the cache state and prevent the modification of the cache state by misspeculated path from being exploited by attackers. Finally, the cache state is successfully guaranteed to be invisible to any attacker’s cache operations. This design only needs one operation similar to the normal memory access, thus reducing the memory access pressure. Compared with the existing defense schemes, our scheme can effectively prevent Spectre attack, and the overhead of performance is only 3.9%.
Keywords: attack / transient execution / defense / structure / cache / processors / shadow / memory

Scifeed alert for new publications

Never miss any articles matching your research from any publisher
  • Get alerts for new papers matching your research
  • Find out the new papers from selected authors
  • Updated daily for 49'000+ journals and 6000+ publishers
  • Define your Scifeed now

Share this article

Click here to see the statistics on "IEICE Electronics Express" .
References (21)
    Back to Top Top