TY - GEN
T1 - Decoding Attack Behaviors by Analyzing Patterns in Instruction-Based Attacks using gem5
AU - Awais, Muhammad
AU - Mushtaq, Maria
AU - Naviner, Lirida
AU - Bruguier, Florent
AU - Yahya, Jawad Haj
AU - Benoit, Pascal
N1 - Publisher Copyright:
© 2024 IEEE.
PY - 2024/1/1
Y1 - 2024/1/1
N2 - The diversity of Instruction Set Architectures (ISAs), each with its unique constraints and optimization strategies, presents significant opportunities and challenges in processor design. Modern processor vendors exploit these ISAs to enhance security, reliability, and performance. Recent security vulnerabilities, notably Spectre and Meltdown, have highlighted the critical need for robust hardware security measures. In this paper, we employ gem5, a state-of-the-art cycle-accurate simulation tool, to simulate the Spectre attack. We developed and modified scripts for both x86 and ARM architectures to ensure compatibility with gem5 version 23.1. Our simulation setup involved running attack scenarios under various configurations to gather comprehensive data on cache misses, cache hits, mispredicted branches, and level 2 cache hits and misses. In the simulation, we analyzed the trace files generated by gem5, utilizing a range of debug flags such as Exec for disassembly (dasm) insights. By detailed analysis of cache and branch prediction using detailed debug data revealed by gem5 traces, we identify some specific attack patterns that are useful for automating the detection of the attacks. Our future work aims to expand this analysis to include additional attack vectors and find more attack patterns, thereby strengthening our attack pattern recognition capabilities.
AB - The diversity of Instruction Set Architectures (ISAs), each with its unique constraints and optimization strategies, presents significant opportunities and challenges in processor design. Modern processor vendors exploit these ISAs to enhance security, reliability, and performance. Recent security vulnerabilities, notably Spectre and Meltdown, have highlighted the critical need for robust hardware security measures. In this paper, we employ gem5, a state-of-the-art cycle-accurate simulation tool, to simulate the Spectre attack. We developed and modified scripts for both x86 and ARM architectures to ensure compatibility with gem5 version 23.1. Our simulation setup involved running attack scenarios under various configurations to gather comprehensive data on cache misses, cache hits, mispredicted branches, and level 2 cache hits and misses. In the simulation, we analyzed the trace files generated by gem5, utilizing a range of debug flags such as Exec for disassembly (dasm) insights. By detailed analysis of cache and branch prediction using detailed debug data revealed by gem5 traces, we identify some specific attack patterns that are useful for automating the detection of the attacks. Our future work aims to expand this analysis to include additional attack vectors and find more attack patterns, thereby strengthening our attack pattern recognition capabilities.
KW - Attacks Patterns
KW - Attacks Simulation
KW - Embedded Systems
KW - Hardware Attacks
KW - Hardware Security
UR - https://www.scopus.com/pages/publications/85219165136
U2 - 10.1109/RSP64122.2024.10871078
DO - 10.1109/RSP64122.2024.10871078
M3 - Conference contribution
AN - SCOPUS:85219165136
T3 - Proceedings of the International Workshop on Rapid System Prototyping
SP - 1
EP - 6
BT - Proceedings of the 2024 35th International Workshop on Rapid System Prototyping
PB - IEEE Computer Society
T2 - 35th International Workshop on Rapid System Prototyping, RSP 2024
Y2 - 3 October 2024
ER -