TY - JOUR
T1 - SpecBox
T2 - A Label-Based Transparent Speculation Scheme Against Transient Execution Attacks
AU - Tang, Bowen
AU - Wu, Chenggang
AU - Wang, Zhe
AU - Jia, Lichen
AU - Yew, Pen Chung
AU - Cheng, Yueqiang
AU - Zhang, Yinqian
AU - Wang, Chenxi
AU - Xu, Guoqing Harry
N1 - Publisher Copyright:
© 2004-2012 IEEE.
PY - 2023/1/1
Y1 - 2023/1/1
N2 - Speculative execution techniques have been a cornerstone of modern processors to improve instruction-level parallelism. However, recent studies showed that this kind of techniques could be exploited by attackers to leak secret data via transient execution attacks, such as Spectre. Many defenses are proposed to address this problem, but they all face various challenges: (1) Tracking data flow in the instruction pipeline could comprehensively address this problem, but it could cause pipeline stalls and incur high performance overhead; (2) Making side effect of speculative execution imperceptible to attackers, but it often needs additional storage components and complicated data movement operations. In this article, we propose a label-based transparent speculation scheme called SpecBox. It dynamically partitions the cache system to isolate speculative data and non-speculative data, which can prevent transient execution from being observed by subsequent execution. Moreover, it uses thread ownership semaphores to prevent speculative data from being accessed across cores. In addition, SpecBoxalso enhances the auxiliary components in the cache system against transient execution attacks, such as hardware prefetcher. Our security analysis shows that SpecBoxis secure and the performance evaluation shows that the performance overhead on SPEC CPU 2006 and PARSEC-3.0 benchmarks is small.
AB - Speculative execution techniques have been a cornerstone of modern processors to improve instruction-level parallelism. However, recent studies showed that this kind of techniques could be exploited by attackers to leak secret data via transient execution attacks, such as Spectre. Many defenses are proposed to address this problem, but they all face various challenges: (1) Tracking data flow in the instruction pipeline could comprehensively address this problem, but it could cause pipeline stalls and incur high performance overhead; (2) Making side effect of speculative execution imperceptible to attackers, but it often needs additional storage components and complicated data movement operations. In this article, we propose a label-based transparent speculation scheme called SpecBox. It dynamically partitions the cache system to isolate speculative data and non-speculative data, which can prevent transient execution from being observed by subsequent execution. Moreover, it uses thread ownership semaphores to prevent speculative data from being accessed across cores. In addition, SpecBoxalso enhances the auxiliary components in the cache system against transient execution attacks, such as hardware prefetcher. Our security analysis shows that SpecBoxis secure and the performance evaluation shows that the performance overhead on SPEC CPU 2006 and PARSEC-3.0 benchmarks is small.
KW - Transient execution attack
KW - cache partition
KW - shared cache access control
UR - http://www.scopus.com/inward/record.url?scp=85123724093&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85123724093&partnerID=8YFLogxK
U2 - 10.1109/TDSC.2022.3144287
DO - 10.1109/TDSC.2022.3144287
M3 - Article
AN - SCOPUS:85123724093
SN - 1545-5971
VL - 20
SP - 827
EP - 840
JO - IEEE Transactions on Dependable and Secure Computing
JF - IEEE Transactions on Dependable and Secure Computing
IS - 1
ER -