2022 Fiscal Year Final Research Report
Exploring Foundations for Spectre Defenses
| Project/Area Number |
20K23319
|
|---|
| Research Category |
Grant-in-Aid for Research Activity Start-up
|
| Allocation Type | Multi-year Fund |
|---|
| Review Section |
1001:Information science, computer engineering, and related fields
|
|---|
| Research Institution | Tokyo Institute of Technology |
|---|
Principal Investigator |
|
|---|
| Project Period (FY) |
2020-09-11 – 2023-03-31
|
| Keywords | Spectre / ハードウェアセキュリティ / 分岐予測 / 投機実行 |
|---|
| Outline of Final Research Achievements |
The vulnerability related to the hardware implementation of a processor called Spectre, which was reported in 2018, is highly critical as it allows attackers to potentially read data from any address in the memory. Spectre attacks exploiting this vulnerability have no practical countermeasures proposed yet, making mitigation a significant challenge. Through this research, we have conceived a detection mechanism for Spectre gadgets (instruction sequences that can be used in Spectre attacks) by deliberately inducing (speculative) execution of incorrect branch directions in the processor during program execution, utilizing a software testing technique called fuzzing.
|
| Free Research Field |
コンピュータアーキテクチャ、コンピュータセキュリティ、コンピュータシステム
|
| Academic Significance and Societal Importance of the Research Achievements |
Spectre攻撃はプロセッサのハードウェア実装に起因するものであり、ソフトウェアでの対策は大きな性能オーバーヘッドを伴う。一方でハードウェアによる対策は現実的なものが提案されておらず、実現の可否については不透明である。本研究を通して得られた構想は実行ソフトウェア内からSpectre攻撃に利用され得るSpectreガジェットを検出するものであり、効果的な対策への足がかりとなる可能性を有している。
|
