YoVDO

Mitigating Spectre Attacks Using CFI Informed Speculation

Offered By: IEEE via YouTube

Tags

Control-Flow Integrity Courses Cybersecurity Courses Performance Evaluation Courses Software Security Courses CPU Architecture Courses Speculative Execution Courses

Course Description

Overview

Explore a comprehensive conference talk on SPECCFI, a novel approach to mitigating Spectre attacks using Control-Flow Integrity (CFI) informed speculation. Delve into the intricacies of this security technique designed to prevent speculative control-flow hijacking in modern CPUs. Learn about the implementation of CFI principles to constrain illegal control-flow during speculative execution, focusing on both forward and backward control-flow paths. Discover how SPECCFI combines with existing solutions to address all known non-vendor-specific Spectre vulnerabilities. Examine the talk's coverage of micro-architectural attacks, Spectre attack steps, related work, and ISA extensions. Gain insights into the main design, including CFG computation, SPECCFI under attack scenarios, and backward-edge defense mechanisms. Analyze the implementation details, security evaluation, and performance assessment of this innovative approach to enhancing CPU security against speculative execution vulnerabilities.

Syllabus

Intro
Micro-Architectural Attacks
Spectre Attack Steps
Related Work
Instructions Set Architecture (ISA) Extension
Main design: compute CFG(2)
SPECCFI Under Attack
Backward-edge Defense
Implementation
Security Evaluation
Performance Evaluation


Taught by

IEEE Symposium on Security and Privacy

Tags

Related Courses

Getting Started with Reverse Engineering
Pluralsight
Intro to Binary Exploitation
HTB Academy via Independent
Energy Efficient Programming
openHPI
Journey to the Centre of the JVM - Exploring CPU Architecture and Memory Models
ChariotSolutions via YouTube
One Glitch to Rule Them All - Fault Injection Attacks Against the AMD Secure Processor
Black Hat via YouTube