CRII: SaTC: Mitigating Software-Based Microarchitectural Attacks via Secure Microcode Customization

CRII:SaTC:通过安全微代码定制缓解基于软件的微架构攻击

基本信息

  • 批准号:
    1850436
  • 负责人:
    Ashish Venkat
  • 金额:
    $ 17.5万
  • 依托单位:
    University of Virginia Main Campus
  • 依托单位国家:
    美国
  • 项目类别:
    Standard Grant
  • 财政年份:
    2019
  • 资助国家:
    美国
  • 起止时间:
    2019-03-01 至 2022-02-28
  • 项目状态:
    已结题

项目摘要

Modern high-performance processors implement complex microarchitectural optimizations involving speculative execution which has recently been shown to be vulnerable to a type of malicious attack called Spectre. This project will investigate a microarchitectural solution framework to secure against such attacks. This framework, called context-sensitive fencing, will seek to automatically track and detect malicious execution patterns dynamically to trigger defense code without programmer intervention and with minimal impact on processor performance.This research will investigate a high performance defense strategy with three novel components: (a) secure microcode customization which leverages the processor's microcode engine to enable the surgical injection of Spectre defense code (e.g., speculation fences) into the dynamic instruction stream without the need for software patching, (b) a decoder-level information flow tracking framework which detects spurious execution patterns that result in the mis-training of core microprocessor structures such as the branch predictor, and (c) microarchitecture hardening mechanisms that shield sensitive microarchitectural structures against the malicious side effects of speculative execution, to further enable a security-aware processor architecture design.The reconfigurable microcode-level defense proposed by this research may address the Spectre attack which affects millions of users. This project will train and mentor graduate and undergraduate students and is expected to facilitate development of a hardware security course to be delivered in-class and online.The results from this research will be disseminated in the form of publications, presentations, design reports, course materials, and source code, and will be hosted publicly for the length of this project and beyond, on the investigator's website at http://www.cs.virginia.edu/venkat.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
现代高性能处理器实现了复杂的微架构优化,涉及投机执行,最近已被证明容易受到一种称为Spectre的恶意攻击。 这个项目将研究一个微架构的解决方案框架,以防止这种攻击。 这个框架被称为上下文敏感的屏蔽,它将寻求自动跟踪和动态检测恶意执行模式,以触发防御代码,而无需程序员干预,并且对处理器性能的影响最小。这项研究将研究一种高性能的防御策略,包括三个新组件:(a)安全微代码定制,其利用处理器的微代码引擎来实现Spectre防御代码的外科手术注入(例如,推测栅栏)进入动态指令流而不需要软件修补,(B)解码器级信息流跟踪框架,其检测导致核心微处理器结构(例如分支预测器)的误训练的伪执行模式,以及(c)微体系结构硬化机制,其屏蔽敏感的微体系结构免受推测执行的恶意副作用,以进一步实现安全感知的处理器架构设计。本研究提出的可重配置微代码级防御可以解决影响数百万用户的Spectre攻击。 该项目将培训和指导研究生和本科生,并有望促进硬件安全课程的开发,该课程将在课堂上和在线上提供。该研究的结果将以出版物、演示文稿、设计报告、课程材料和源代码的形式传播,并将在该项目期间及以后公开托管在调查员的网站http://www.cs.virginia.edu/venkat.This。NSF的法定使命,并已被认为是值得通过使用基金会的知识价值和更广泛的影响审查标准进行评估的支持。

项目成果

期刊论文数量(4)
专著数量(0)
科研奖励数量(0)
会议论文数量(0)
专利数量(0)
Context-Sensitive Fencing: Securing Speculative Execution via Microcode Customization
Mitigating Speculative Execution Attacks via Context-Sensitive Fencing
通过上下文敏感防护减轻推测执行攻击
  • DOI:
    10.1109/mdat.2022.3152633
  • 发表时间:
    2022
  • 期刊:
    IEEE Design & Test
  • 影响因子:
    2
  • 作者:
    Taram, Mohammadkazem;Venkat, Ashish;Tullsen, Dean
  • 通讯作者:
    Tullsen, Dean
Context-Sensitive Decoding: On-Demand Microcode Customization for Security and Energy Management
上下文相关解码:用于安全和能源管理的按需微代码定制
  • DOI:
    10.1109/mm.2019.2910507
  • 发表时间:
    2019
  • 期刊:
    IEEE Micro
  • 影响因子:
    3.6
  • 作者:
    Taram, Mohammadkazem;Venkat, Ashish;Tullsen, Dean M.
  • 通讯作者:
    Tullsen, Dean M.
I See Dead µops: Leaking Secrets via Intel/AMD Micro-Op Caches
我看到死微操作:通过 Intel/AMD 微操作缓存泄露秘密
{{ item.title }}
{{ item.translation_title }}
  • DOI:
    {{ item.doi }}
  • 发表时间:
    {{ item.publish_year }}
  • 期刊:
    {{ item.journal_name }}
  • 影响因子:
    {{ item.factor }}
  • 作者:
    {{ item.authors }}
  • 通讯作者:
    {{ item.author }}

数据更新时间:{{ journalArticles.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ monograph.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ sciAawards.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ conferencePapers.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ patent.updateTime }}

Ashish Venkat其他文献

Ashish Venkat的其他文献

{{ item.title }}
{{ item.translation_title }}
  • DOI:
    {{ item.doi }}
  • 发表时间:
    {{ item.publish_year }}
  • 期刊:
    {{ item.journal_name }}
  • 影响因子:
    {{ item.factor }}
  • 作者:
    {{ item.authors }}
  • 通讯作者:
    {{ item.author }}
立即体验

{{ truncateString('Ashish Venkat', 18)}}的其他基金

CAREER: Enabling Robust and Adaptive Architectures through a Decoupled Security-Centric Hardware/Software Stack
职业:通过解耦的以安全为中心的硬件/软件堆栈实现鲁棒性和自适应架构
  • 批准号:
    2238548
  • 财政年份:
    2023
  • 资助金额:
    $ 17.5万
  • 项目类别:
    Continuing Grant
NSF Student Travel Grant for the 26th IEEE International Symposium on High Performance Computer Architecture (HPCA 2020)
NSF 学生旅费资助第 26 届 IEEE 国际高性能计算机架构研讨会 (HPCA 2020)
  • 批准号:
    2014751
  • 财政年份:
    2020
  • 资助金额:
    $ 17.5万
  • 项目类别:
    Standard Grant
FoMR: Speculative Super-optimization: Boosting Performance via Speculation-Driven Dynamic Binary Optimization
FoMR:推测性超级优化:通过推测驱动的动态二进制优化提高性能
  • 批准号:
    1912608
  • 财政年份:
    2019
  • 资助金额:
    $ 17.5万
  • 项目类别:
    Standard Grant

相似海外基金

CRII: SaTC: RUI: Understanding and Collectively Mitigating Harms from Deepfake Imagery
CRII:SaTC:RUI:理解并共同减轻 Deepfake 图像的危害
  • 批准号:
    2348326
  • 财政年份:
    2024
  • 资助金额:
    $ 17.5万
  • 项目类别:
    Standard Grant
SaTC: CORE: Small: Mitigating Threats of Physical-Domain Signal Injections on Security, Reliability, and Safety of Sensing and Control Systems
SaTC:核心:小型:减轻物理域信号注入对传感和控制系统的安全性、可靠性和安全性的威胁
  • 批准号:
    2231682
  • 财政年份:
    2023
  • 资助金额:
    $ 17.5万
  • 项目类别:
    Continuing Grant
SaTC: CORE: Small: An Automated Framework for Mitigating Single-Trace Side-Channel Leakage
SaTC:核心:小型:用于减轻单迹侧通道泄漏的自动化框架
  • 批准号:
    2241879
  • 财政年份:
    2023
  • 资助金额:
    $ 17.5万
  • 项目类别:
    Standard Grant
SaTC: CORE: Small: Investigating and Mitigating Harmful Design in User-Generated Virtual World through Design Moderation
SaTC:核心:小型:通过设计审核调查和减轻用户生成的虚拟世界中的有害设计
  • 批准号:
    2326505
  • 财政年份:
    2023
  • 资助金额:
    $ 17.5万
  • 项目类别:
    Continuing Grant
CRII: SaTC: Towards Detecting and Mitigating Vulnerabilities
CRII:SaTC:致力于检测和缓解漏洞
  • 批准号:
    2153474
  • 财政年份:
    2022
  • 资助金额:
    $ 17.5万
  • 项目类别:
    Standard Grant
SaTC: CORE: Medium: Collaborative Research: Understanding and Mitigating the Privacy and Societal Risks of Advanced Advertising Targeting and Tracking
SaTC:核心:媒介:协作研究:理解和减轻高级广告定位和跟踪的隐私和社会风险
  • 批准号:
    2333448
  • 财政年份:
    2022
  • 资助金额:
    $ 17.5万
  • 项目类别:
    Standard Grant
SaTC: CORE: Small: Understanding and Mitigating the Security Risks of AutoML
SaTC:核心:小型:了解和减轻 AutoML 的安全风险
  • 批准号:
    2212323
  • 财政年份:
    2022
  • 资助金额:
    $ 17.5万
  • 项目类别:
    Continuing Grant
Collaborative Research: SaTC: CORE: Large: Rapid-Response Frameworks for Mitigating Online Disinformation
协作研究:SaTC:核心:大型:减少在线虚假信息的快速响应框架
  • 批准号:
    2120098
  • 财政年份:
    2021
  • 资助金额:
    $ 17.5万
  • 项目类别:
    Continuing Grant
Collaborative Research: SaTC: CORE: Large: Rapid-Response Frameworks for Mitigating Online Disinformation
协作研究:SaTC:核心:大型:减少在线虚假信息的快速响应框架
  • 批准号:
    2120496
  • 财政年份:
    2021
  • 资助金额:
    $ 17.5万
  • 项目类别:
    Continuing Grant
SaTC: CORE: Small: Finding and Mitigating Side-channel Leakage in Embedded Architectures
SaTC:核心:小型:查找并减轻嵌入式架构中的侧通道泄漏
  • 批准号:
    1931639
  • 财政年份:
    2019
  • 资助金额:
    $ 17.5万
  • 项目类别:
    Standard Grant
{{ showInfoDetail.title }}

作者:{{ showInfoDetail.author }}

知道了