Skip to content
/ SPECDET Public

Official Implementation of SPECDET: Static and Microarchitectural ML-Based Approaches for Detecting Spectre Vulnerabilities and Attacks. HASP’22 in Conjunction With The 55th IEEE/ACM International Symposium on Microarchitecture (MICRO’22).

License

MIT license
5 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

biringaChi/SPECDET

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

62 Commits
..doc
..doc
 
 
datasets
datasets
 
 
src
src
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

SPECDET

Official Implementation of Short Paper: Static and Microarchitectural ML-Based Approaches for Detecting Spectre Vulnerabilities and Attacks. Hardware and Architectural Support for Security and Privacy (HASP’22) in Conjunction With The 55th IEEE/ACM International Symposium on Microarchitecture (MICRO’22).

Visual Depiction of Research

Problem

Solution

Abstract

Spectre intrusions exploit speculative execution design vulnerabilities in modern processors. The attacks violate the principles of isolation in programs to gain unauthorized private user information. Current state-of-the-art detection techniques utilize micro-architectural features or vulnerable speculative code to detect these threats. However, these techniques are insufficient as Spectre attacks have proven to be more stealthy with recently discovered variants that bypass current mitigation mechanisms. Side-channels generate distinct patterns in processor cache, and sensitive information leakage is dependent on source code vulnerable to Spectre attacks, where an adversary uses these vulnerabilities, such as branch prediction, which causes a data breach. Previous studies predominantly approach the detection of Spectre attacks using the microarchitectural analysis, a reactive approach. Hence, in this paper, we present the first comprehensive evaluation of static and microarchitectural analysis-assisted machine learning approaches to detect Spectre vulnerable code snippets (preventive) and Spectre attacks (reactive). We evaluate the performance trade-offs in employing classifiers for detecting Spectre vulnerabilities and attacks.

Cite

@inproceedings{biringa2022short,
  title={Short Paper: Static and Microarchitectural ML-Based Approaches For Detecting Spectre Vulnerabilities and Attacks},
  author={Biringa, Chidera and Gaspard, Baye and Kul, Gokhan},
  booktitle={Proceedings of the 11th International Workshop on Hardware and Architectural Support for Security and Privacy},
  pages={53--57},
  year={2022}
}

Installation

$ git clone https://github.com/biringaChi/SPECDET
$ cd specdet
$ pip install -r requirements.txt

Gadget Data

Refer: Gadgets

CPU-PS Data

Refer: CPU-PS

Generating Spectre Embeddings

$ cd src/SGDetector/
$ python spectre_embed.py

Train & Test Vulnerability Detector

$ cd src/SGDetector/
$ python train.py --epochs=<arg> --lr=<arg> --batch_size=<arg>

Evaluate

$ cd src/SGDetector/
$ python test.py

Train & Test Attack Detector

$ cd src/CPSDetector/
$ python train.py

Presentation Video

Acknowledgments

This work has been funded by UMass Dartmouth Cybersecurity Center. Usual disclaimers apply.

LICENSE

MIT LICENSE.

About

Official Implementation of SPECDET: Static and Microarchitectural ML-Based Approaches for Detecting Spectre Vulnerabilities and Attacks. HASP’22 in Conjunction With The 55th IEEE/ACM International Symposium on Microarchitecture (MICRO’22).

Topics

machine-learning cnn intrusion-detection svm-classifier spectre-attacks cpu-processes-state spectre-gadgets

Resources

Readme

License

MIT license
Activity

Stars

5 stars

Watchers

3 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages