The Evolution of Transient-Execution Attacks

Publikation: Beitrag in Buch/Bericht/KonferenzbandBeitrag in einem Konferenzband

Abstract

Historically, non-architectural state was considered non-observable. Side-channel attacks, in particular on caches, already showed that this is not entirely correct and meta-information, such as the cache state, can be extracted. Transient-execution attacks emerged when multiple groups discovered the exploitability of speculative execution and, simultaneously, the exploitability of deferred permission checks in modern out-of-order processors. These attacks are called transient as they exploit that the processor first executes operations that are then reverted as if they were never executed. However, on the microarchitectural level, these operations and their effects can be observed. While side-channel attacks enable and exploit direct access to meta-data from other security domains,
transient-execution attacks enable and exploit direct access to actual data from other security domains. In this paper, we show how the transient-execution landscape evolved since the initial discoveries. We show that the understanding and systematic view of the field has advanced and now facilitate the discovery of new attack variants.
Originalspracheenglisch
TitelGLSVLSI 2020 - Proceedings of the 2020 Great Lakes Symposium on VLSI
Herausgeber (Verlag)ACM/IEEE
Seiten163-168
Seitenumfang6
ISBN (elektronisch)9781450379441
DOIs
PublikationsstatusVeröffentlicht - 7 Sep 2020
VeranstaltungGLSVLSI 2020: 30th ACM Great Lakes Symposium on VLSI - Virtuell, China
Dauer: 8 Sep 202011 Sep 2020

Publikationsreihe

NameProceedings of the ACM Great Lakes Symposium on VLSI, GLSVLSI

Konferenz

KonferenzGLSVLSI 2020
LandChina
OrtVirtuell
Zeitraum8/09/2011/09/20

ASJC Scopus subject areas

  • !!Engineering(all)

Fingerprint

Untersuchen Sie die Forschungsthemen von „The Evolution of Transient-Execution Attacks“. Zusammen bilden sie einen einzigartigen Fingerprint.

Dieses zitieren