Abstract | ||
---|---|---|
Meltdown attack exploits out-of-order execution in modern micro-architectures to extract sensitive data in kernel space of operating systems. Out-of-order execution opens a window of transient execution in which unauthorized access to kernel space is allowed. The original Meltdown attack utilizes an OS signal handler and hardware transactional memory support (e.g., Intel TSX) to create transient executions. Both methods, however, restrict the effectiveness of the attack due to a large amount of system noise from signal handlers and a limited number of processors that support TSX. To overcome this limitation, we propose a new variant of Meltdown attack by using a return stack buffer (RSB). Without the aid of TSX, the proposed attack introduces lower level of noise than the signal handler-based method, which broadens the impact of Meltdown attacks to a wide range of processors. We conclude this paper by presenting several countermeasures against the proposed attack.
|
Year | DOI | Venue |
---|---|---|
2019 | 10.1145/3321705.3331009 | AsiaCCS |
Keywords | Field | DocType |
Microarchitectural side-channel attacks, Transient execution attacks, Return stack buffer | Return stack buffer,Computer science,Computer security,Low noise,Electrical engineering | Conference |
ISBN | Citations | PageRank |
978-1-4503-6752-3 | 0 | 0.34 |
References | Authors | |
0 | 2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Taehyun Kim | 1 | 234 | 30.74 |
Youngjoo Shin | 2 | 0 | 1.01 |