Diffstat (limited to 'chap/abs.tex')
-rw-r--r-- | chap/abs.tex | 65 |
1 files changed, 34 insertions, 31 deletions
diff --git a/chap/abs.tex b/chap/abs.tex index 080c963..81b1b10 100644 --- a/chap/abs.tex +++ b/chap/abs.tex @@ -14,7 +14,7 @@ 本文基于模拟平台,针对推测式执行侧信道攻击设计实现了一种防御结构。主 要工作内容如下: \begin{enumerate} - \item 调研 Meltdown 和 Spectre 攻击技术,分析其技术原理。 + \item 调研 Meltdown 和 Spectre 攻击,分析其技术原理。 \item 调研现有的 Meltdown 和 Spectre 防御方案,分析这些方案的设计思 想、实现方法、安全性和性能开销。 \item 设计一种针对 Spectre 攻击的防御结构,并在模拟平台中实现。该结 
@@ -30,40 +30,43 @@ \begin{eabstract} Performance and power consumption are the main factors of modern - processor design. As software and hardware become more and more - complex, security is becoming important in computer system + processor design. As software and hardware systems become more and + more complex, security is becoming important in microprocessor design. The disclosure of Meltdown and Spectre shows that - microarchitecture optimizations can break the security of the - system, although the programs still run correctly. Spectre exploits - speculative execution, constructing covert channel with transient - instructions, and leak secret information to the attacker, breaking - the security guarentee of the program and system isolation. Since - speculative execution is an important method to optimize the - execution, it's complex to defend against Spectre attack, while - minimize the performance loss of the defense. + microarchitecture optimizations can bring security issues, although + the programs still run correctly. Spectre exploits speculative + execution, constructing covert channel with transient instructions, + and leak secret information to the attacker, breaking the security + guarentee of the program and system isolation. Since speculative + execution is an important method to optimize the performance in + microprocessor design, it's important to defend against Spectre + attack, while minimize the performance loss of the defense. - This thesis designs a microarchitecture to defend against Spectre - attack, based on the gem5 simulation platform, and evaluates the - design. The contribution of this thesis is as follows: - \begin{itemize} - \item Investigate on current side-channel attack, Meltdown and - Spectre attack, and analyze how these attacks work + This thesis designs a microarchitecture to defend against + speculation side channels based on the a simulation platform. 
The + contribution of this thesis is as follows: + \begin{enumerate} + \item Investigate on Meltdown and Spectre attacks, and analyze how + these attacks work. \item Investigate on current defenses of Meltdown and Spectre - attack, analyze their idea, implementation, security and overhead + attacks, analyze their idea, implementation, security and + performance overhead. \item Design a microarchitecture to defend against spectre attack - and simulate it on gem5. This microarchitecture is based on - dynamic information flow tracking, which detects whether a - speculating instruction directly or indirectly depends on a value - loaded from memory, which may result in a leakage. This thesis - combines this method with InvisiSpec, a scheme to execute - speculating load safely, and implement these models on gem5. - \item Evaluate the security and performance of this - microarchitecture. Tested with a constructed proof of concept code - on gem5, this microarchitecture design has the expected security - feature. Evaluated with SPEC CPU2006, this microarchitecture has - an average performance overhead of 8.5\%, better than using DIFT - or InvisiSpec only. - \end{itemize} + and implement it on a simulation platform. This microarchitecture + tracks the information flow, detecting the dependency of a + speculated instruction and a speculated data load from memory, and + tags the instruction which may leak data. For memory reads which + is likely unsafe, a safe loading mechanism is used, avoiding + leaving transient execution side effects in the cache. + \item Evaluate the microarchitecture on the simulation + platform. Tested with a constructed proof of concept code, this + microarchitecture design can defend the tested attacks, meeting + the security requirement. 
Evaluated with SPEC CPU2006, this + microarchitecture has an average performance overhead of 8.5\%, + and the number of speculated loads that need to be safely executed + is significantly decreased, thus the performance overhead of the + defence is smaller. + \end{enumerate} \end{eabstract} % vim:ts=4:sw=4 |
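Review bot: In the last \item of the English abstract, the added claim that the number of speculated loads that need to be safely executed "is significantly decreased" has no figure and no baseline, and the removed comparison ("better than using DIFT or InvisiSpec only") is no longer there to give the 8.5\% overhead any context; say what the decrease is measured against, or keep the comparison. The added lines also contain "based on the a simulation platform" (doubled article), carry over "guarentee" (guarantee) and "and leak" (leaks), write "spectre attack" in lowercase in the third \item while the rest of the abstract uses "Spectre", use "For memory reads which is likely unsafe" where "are" is needed, and mix "defense" and "defence" within the same abstract.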