1 files changed, 60 insertions, 2 deletions
diff --git a/chap/abs.tex b/chap/abs.tex
index 8dc8efc..107c77e 100644
--- a/chap/abs.tex
+++ b/chap/abs.tex
@@ -2,11 +2,69 @@
 % Public domain.
 
 \begin{cabstract}
-	%\pkuthssffaq % 中文测试文字。
+  现代微处理器设计主要考虑性能和功耗。随着软硬件变得越来越复杂，安全在
+  计算机系统的设计中逐渐受到重视。Meltdown 和 Spectre 攻击的发现，表明
+  处理器微架构的优化，虽然不影响程序的正确运行，但是可能破坏系统的安全
+  性。其中 Spectre 攻击利用处理器的推测式执行，通过暂态指令的执行构造隐
+  蔽信道，将程序中的秘密信息泄露给攻击者，破坏了程序的安全保证和系统的
+  隔离性。由于推测式执行是处理器优化执行性能的重要手段，在防御 Spectre
+  攻击的同时，减少防御手段带来的性能下降，是一个复杂的问题。
+
+  本文基于 gem5 模拟平台，设计了一种用于防御 Spectre 攻击的微架构，并
+  对其进行评估。主要工作内容如下：
+  \begin{enumerate}
+  \item 调研现有的侧信道攻击、Meltdown 和 Spectre 攻击技术，深入分析这
+    些攻击技术的原理。
+  \item 调研现有的 Meltdown 和 Spectre 防御方案，分析这些方案的设计思
+    想、实现方法、安全性和开销
+  \item 设计一种用于防御 Spectre 攻击的微架构，并在 gem5 中模拟。该微架
+    构基于动态信息流追踪技术，它用于检测推测式执行中的指令是否直接或间
+    接依赖一个推测式执行中从内存装载的值，进而可能泄露数据。本文将这种
+    技术和已有的安全装载数据的方案 InvisiSpec 结合使用，并在 gem5 中实
+    现了这些模型。
+  \item 评测这种微架构的安全性和性能。在 gem5 中模拟这种微架构，用构造
+    的验证程序进行测试，表明设计的微架构满足本文的安全特性。用 SPEC
+    CPU2006 进行性能评测，平均性能开销为 8.5\%，优于只使用动态信息流追
+    踪检测技术或只使用 InvisiSpec 的模型的性能。
+  \end{enumerate}
 \end{cabstract}
 
 \begin{eabstract}
-	%Test of the English abstract.
+  Performance and power consumption are the main factors of modern
+  processor design. As software and hardware become more and more
+  complex, security is becoming important in computer system
+  design. The disclosure of Meltdown and Spectre shows that
+  microarchitecture optimizations can break the security of the
+  system, although the programs still run correctly. Spectre exploits
+  speculative execution, constructing covert channel with transient
+  instructions, and leak secret information to the attacker, breaking
+  the security guarentee of the program and system isolation. Since
+  speculative execution is an important method to optimize the
+  execution, it's complex to defend against Spectre attack, while
+  minimize the performance loss of the defense.
+
+  This thesis designs a microarchitecture to defend against Spectre
+  attack, based on the gem5 simulation platform, and evaluates the
+  design. The contribution of this thesis is as follows:
+  \begin{enumerate}
+  \item Investigate on current side-channel attack, Meltdown and
+    Spectre attack, and analyze how these attacks work
+  \item Investigate on current defenses of Meltdown and Spectre
+    attack, analyze their idea, implementation, security and overhead
+  \item Design a microarchitecture to defend against spectre attack
+    and simulate it on gem5. This microarchitecture is based on
+    dynamic information flow tracking, which detects whether a
+    speculating instruction directly or indirectly depends on a value
+    loaded from memory, which may result in a leakage. This thesis
+    combines this method with InvisiSpec, a scheme to execute
+    speculating load safely, and implement these models on gem5.
+  \item Evaluate the security and performance of this
+    microarchitecture. Tested with a constructed proof of concept code
+    on gem5, this microarchitecture design has the expected security
+    feature. Evaluated with SPEC CPU2006, this microarchitecture has
+    an average performance overhead of 8.5\%, better than using DIFT
+    or InvisiSpec only.
+  \end{enumerate}
 \end{eabstract}
 
 % vim:ts=4:sw=4