Mitigating Spectre Attacks Using CFI Informed Speculation
Offered By: IEEE via YouTube
Course Description
Overview
Explore a comprehensive conference talk on SPECCFI, a novel approach to mitigating Spectre attacks using Control-Flow Integrity (CFI) informed speculation. Delve into the intricacies of this security technique designed to prevent speculative control-flow hijacking in modern CPUs. Learn about the implementation of CFI principles to constrain illegal control-flow during speculative execution, focusing on both forward and backward control-flow paths. Discover how SPECCFI combines with existing solutions to address all known non-vendor-specific Spectre vulnerabilities. Examine the talk's coverage of micro-architectural attacks, Spectre attack steps, related work, and ISA extensions. Gain insights into the main design, including CFG computation, SPECCFI under attack scenarios, and backward-edge defense mechanisms. Analyze the implementation details, security evaluation, and performance assessment of this innovative approach to enhancing CPU security against speculative execution vulnerabilities.
Syllabus
Intro
Micro-Architectural Attacks
Spectre Attack Steps
Related Work
Instructions Set Architecture (ISA) Extension
Main design: compute CFG(2)
SPECCFI Under Attack
Backward-edge Defense
Implementation
Security Evaluation
Performance Evaluation
Taught by
IEEE Symposium on Security and Privacy
Tags
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network