author | Iru Cai <mytbk920423@gmail.com> | 2019-05-15 13:34:15 +0800 |
---|---|---|
committer | Iru Cai <mytbk920423@gmail.com> | 2019-05-15 13:34:15 +0800 |
commit | 29f78286a4a82782661c6e9f8ecc1d70939cbe56 (patch) | |
tree | 2c158750f8fcd34718175f9e72f1b813defe8490 /chap/abs.tex | |
parent | f2e79906f0681735649a4991fdd45742ee65b999 (diff) | |
download | dissertation-29f78286a4a82782661c6e9f8ecc1d70939cbe56.tar.xz |
upd
Diffstat (limited to 'chap/abs.tex')
-rw-r--r-- | chap/abs.tex | 62 |
1 files changed, 60 insertions, 2 deletions
diff --git a/chap/abs.tex b/chap/abs.tex index 8dc8efc..107c77e 100644 --- a/chap/abs.tex +++ b/chap/abs.tex 
@@ -2,11 +2,69 @@ % Public domain. \begin{cabstract} - %\pkuthssffaq % 中文测试文字。 + 现代微处理器设计主要考虑性能和功耗。随着软硬件变得越来越复杂,安全在 + 计算机系统的设计中逐渐受到重视。Meltdown 和 Spectre 攻击的发现,表明 + 处理器微架构的优化,虽然不影响程序的正确运行,但是可能破坏系统的安全 + 性。其中 Spectre 攻击利用处理器的推测式执行,通过暂态指令的执行构造隐 + 蔽信道,将程序中的秘密信息泄露给攻击者,破坏了程序的安全保证和系统的 + 隔离性。由于推测式执行是处理器优化执行性能的重要手段,在防御 Spectre + 攻击的同时,减少防御手段带来的性能下降,是一个复杂的问题。 + + 本文基于 gem5 模拟平台,设计了一种用于防御 Spectre 攻击的微架构,并 + 对其进行评估。主要工作内容如下: + \begin{enumerate} + \item 调研现有的侧信道攻击、Meltdown 和 Spectre 攻击技术,深入分析这 + 些攻击技术的原理。 + \item 调研现有的 Meltdown 和 Spectre 防御方案,分析这些方案的设计思 + 想、实现方法、安全性和开销 + \item 设计一种用于防御 Spectre 攻击的微架构,并在 gem5 中模拟。该微架 + 构基于动态信息流追踪技术,它用于检测推测式执行中的指令是否直接或间 + 接依赖一个推测式执行中从内存装载的值,进而可能泄露数据。本文将这种 + 技术和已有的安全装载数据的方案 InvisiSpec 结合使用,并在 gem5 中实 + 现了这些模型。 + \item 评测这种微架构的安全性和性能。在 gem5 中模拟这种微架构,用构造 + 的验证程序进行测试,表明设计的微架构满足本文的安全特性。用 SPEC + CPU2006 进行性能评测,平均性能开销为 8.5\%,优于只使用动态信息流追 + 踪检测技术或只使用 InvisiSpec 的模型的性能。 + \end{enumerate} \end{cabstract} \begin{eabstract} - %Test of the English abstract. + Performance and power consumption are the main factors of modern + processor design. As software and hardware become more and more + complex, security is becoming important in computer system + design. The disclosure of Meltdown and Spectre shows that + microarchitecture optimizations can break the security of the + system, although the programs still run correctly. Spectre exploits + speculative execution, constructing covert channel with transient + instructions, and leak secret information to the attacker, breaking + the security guarentee of the program and system isolation. Since + speculative execution is an important method to optimize the + execution, it's complex to defend against Spectre attack, while + minimize the performance loss of the defense. + + This thesis designs a microarchitecture to defend against Spectre + attack, based on the gem5 simulation platform, and evaluates the + design. 
The contribution of this thesis is as follows: + \begin{enumerate} + \item Investigate on current side-channel attack, Meltdown and + Spectre attack, and analyze how these attacks work + \item Investigate on current defenses of Meltdown and Spectre + attack, analyze their idea, implementation, security and overhead + \item Design a microarchitecture to defend against spectre attack + and simulate it on gem5. This microarchitecture is based on + dynamic information flow tracking, which detects whether a + speculating instruction directly or indirectly depends on a value + loaded from memory, which may result in a leakage. This thesis + combines this method with InvisiSpec, a scheme to execute + speculating load safely, and implement these models on gem5. + \item Evaluate the security and performance of this + microarchitecture. Tested with a constructed proof of concept code + on gem5, this microarchitecture design has the expected security + feature. Evaluated with SPEC CPU2006, this microarchitecture has + an average performance overhead of 8.5\%, better than using DIFT + or InvisiSpec only. + \end{enumerate} \end{eabstract} % vim:ts=4:sw=4 |
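Review bot: In item 3 of the English abstract, "depends on a value loaded from memory" drops the qualifier that the Chinese abstract carries (推测式执行中从内存装载的值, a value loaded from memory during speculative execution), so the two abstracts describe different taint sources for the information flow tracking. Suggest "depends on a value loaded from memory by a speculative load", so that the English matches the Chinese and the tracked condition is stated precisely. In the same abstract, "DIFT" appears in item 4 without being introduced; write "dynamic information flow tracking (DIFT)" at its first use in item 3. Smaller points: "guarentee" should be "guarantee"; "spectre attack" in item 3 should be capitalised like the other occurrences; "and leak secret information" should agree with "Spectre exploits" ("and leaks"); English items 1 and 2 and Chinese item 2 lack the terminal punctuation the other items have. The commit message "upd" does not say that this change fills in both abstracts; a one-line summary would make the history searchable.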