35th Annual Computer Security Applications Conference (ACSAC 2019)

Full Program »
Paper
View File
ACM
Presentation
View File
pdf

Speculator: A Tool to Analyze Speculative Execution Attacks and Mitigations

Speculative execution attacks exploit vulnerabilities at a CPU's microarchitectural level, which, until recently, remained hidden below the instruction set architecture, largely undocumented by CPU vendors. New speculative execution attacks are released on a monthly basis, showing how aspects of the so-far unexplored microarchitectural attack surface can be exploited. In this paper, we introduce, SPECULATOR, a new tool to investigate these new microarchitectural attacks and their mitigations, which aims to be the GDB of speculative execution. Using speculative execution markers, set of instructions that we found are observable through performance counters during CPU speculation, SPECULATOR can study microarchitectural behavior of single snippets of code, or more complex attacker and victim scenarios (e.g. Branch Target Injection (BTI) attacks). We also present our findings on multiple CPU platforms showing the precision and the flexibility offered by SPECULATOR and its templates.

Andrea Mambretti
Northeastern University

Matthias Neugschwandtner
IBM Research - Zurich

Alessandro Sorniotti
IBM Research - Zurich

Engin Kirda
Northeastern University

William Robertson
Northeastern University

Anil Kurmus
IBM Research - Zurich

 



Powered by OpenConf®
Copyright©2002-2020 Zakon Group LLC