Mitigating Spectre Attacks Using CFI Informed Speculation
Offered By: IEEE via YouTube
Course Description
Overview
Explore a comprehensive conference talk on SPECCFI, a novel approach to mitigating Spectre attacks using Control-Flow Integrity (CFI) informed speculation. Delve into the intricacies of this security technique designed to prevent speculative control-flow hijacking in modern CPUs. Learn about the implementation of CFI principles to constrain illegal control-flow during speculative execution, focusing on both forward and backward control-flow paths. Discover how SPECCFI combines with existing solutions to address all known non-vendor-specific Spectre vulnerabilities. Examine the talk's coverage of micro-architectural attacks, Spectre attack steps, related work, and ISA extensions. Gain insights into the main design, including CFG computation, SPECCFI under attack scenarios, and backward-edge defense mechanisms. Analyze the implementation details, security evaluation, and performance assessment of this innovative approach to enhancing CPU security against speculative execution vulnerabilities.
Syllabus
Intro
Micro-Architectural Attacks
Spectre Attack Steps
Related Work
Instructions Set Architecture (ISA) Extension
Main design: compute CFG(2)
SPECCFI Under Attack
Backward-edge Defense
Implementation
Security Evaluation
Performance Evaluation
Taught by
IEEE Symposium on Security and Privacy
Tags
Related Courses
Getting Started with Reverse EngineeringPluralsight Intro to Binary Exploitation
HTB Academy via Independent Energy Efficient Programming
openHPI Journey to the Centre of the JVM - Exploring CPU Architecture and Memory Models
ChariotSolutions via YouTube One Glitch to Rule Them All - Fault Injection Attacks Against the AMD Secure Processor
Black Hat via YouTube