| 引用本文: |
-
柯谦,王博,邱朋飞,王春露,李根,唐遇星.处理器微架构瞬态攻击防御方法综述[J].信息安全学报,已采用 [点击复制]
- KE Qian,wangbo,qiupengfei,wangchunlu,ligen,tangyuxing.Survey of Methods for Defending Against Transient Exe-cution Attacks on Processor Microarchitectures[J].Journal of Cyber Security,Accept [点击复制]
|
|
| 摘要: |
| 瞬态攻击利用处理器的推测执行特性来泄露敏感信息,对现代处理器尤其是高性能处理器造成了广泛的影响,其成因在于处理器在特定情况(如分支预测错误、流水线异常等)下出现的流水线回退,会触发瞬态窗口,攻击者利用此窗口访问并编码秘密信息到微架构状态中,因流水线回退时该状态未被清除,通过侧信道可以对秘密信息实现窃取。瞬态攻击存在多种攻击形式,包括幽灵、熔断漏洞以及各种变种。为了抵御这类隐蔽的攻击,学术界和工业界提出了一系列防御策略。这些策略旨在从软件和硬件两个层面来加固系统,以防范瞬态攻击的潜在威胁。本文深入调研了已有的软件层面以及硬件层面针对瞬态攻击的各种防御措施,并探讨不同防御措施的原理与变化。本文从防御设计的角度出发,首先介绍了处理器微架构的基本设计以及瞬态攻击的攻击过程,然后在软件层面,总结了不同场景下的软件防御策略,并按照部署的不同层面对软件防御措施进行分类,分析了这些防御措施的基本原理以及部分防御措施的不同变种;随后,在硬件层面,分析了如何针对攻击的不同步骤对处理器微架构不同组件进行设计调整,并分析硬件层面不同微架构组件设计调整策略的基本原理与方法;最后,本文讨论了现有软、硬件防御措施的特点以及未来可能的研究方向。 |
| 关键词: 处理器 微架构 瞬态攻击 防御方法 |
| DOI: |
| 投稿时间:2024-12-10修订日期:2025-03-06 |
| 基金项目: |
|
| Survey of Methods for Defending Against Transient Exe-cution Attacks on Processor Microarchitectures |
|
KE Qian1, wangbo2, qiupengfei3, wangchunlu3, ligen2, tangyuxing2
|
| (1.Phytium Technology Co., Ltd;2.Phytium Technology Co., Ltd.;3.Beijing University of Posts and Telecommunications) |
| Abstract: |
| Transient execution attacks exploit the speculative execution features of processors to leak sensitive information, posing a widespread impact on modern processors, especially high-performance ones. The reason is that the processor, under specific circumstances (such as branch prediction errors, pipeline exceptions, etc.), will trigger a transient win-dow due to pipeline fallback. The attacker uses this window to access and encode secret information into the micro-architecture state. Since the state is not cleared when the pipeline falls back, secret information can be stolen through the side channel. There are many forms of attacks in transient execution attacks, including Spectre, Meltdown vul-nerabilities, and various variants. To counter these covert attacks, academia and industry have come up with a range of defense strategies. These strategies are designed to harden systems at both the software and hardware levels, guarding against the potential threats of transient execution attacks. This paper conducts an in-depth investigation into various defense measures against transient execution attacks at both the software and hardware levels and discusses the prin-ciples and variations of different defense measures. Starting from the perspective of defense design, the paper first introduces the basic design of processor microarchitecture and the attack process of transient execution attacks. Then, at the software level, the software defense strategies in different scenarios were analyzed, and the software defense measures were classified according to the different levels of deployment, and the basic principles of these defense measures and different variants of some defense measures were analyzed. Then, at the hardware level, analyze how to design and adjust different components of the processor microarchitecture for different steps of the attack, and analyze the basic principles and methods of design and adjustment strategies for different microarchitecture components at the hardware level. Finally, this paper discusses the characteristics of existing software and hardware defense measures and potential future research directions. |
| Key words: processor microarchitecture transient execution attack defense method |
