TY - JOUR
T1 - SpecWands
T2 - An Efficient Priority-Based Scheduler Against Speculation Contention Attacks
AU - Tang, Bowen
AU - Wu, Chenggang
AU - Yew, Pen Chung
AU - Zhang, Yinqian
AU - Xie, Mengyao
AU - Lai, Yuanming
AU - Kang, Yan
AU - Wang, Wei
AU - Wei, Qiang
AU - Wang, Zhe
N1 - Publisher Copyright:
© 1982-2012 IEEE.
PY - 2023/12/1
Y1 - 2023/12/1
N2 - Transient execution attacks (TEAs) have gradually become a major security threat to modern high-performance processors. They exploit the vulnerability of speculative execution to illegally access private data, and transmit them through timing-based covert channels. While new vulnerabilities are discovered continuously, the covert channels can be categorized to two types: 1) Persistent Type, in which covert channels are based on the layout changes of buffering, e.g., through caches or TLBs and 2) Volatile Type, in which covert channels are based on the contention of sharing resources, e.g., through execution units or issuing ports. The defenses against the persistent-type covert channels have been well addressed, while those for the volatile-type are still rather inadequate. Existing mitigation schemes for the volatile type such as Speculative Compression and Time-Division-Multiplexing will introduce significant overhead due to the need to stall the pipeline or to disallow resource sharing. In this article, we look into such attacks and defenses with a new perspective, and propose a scheduling-based mitigation scheme, called SpecWands. It consists of three priority-based scheduling policies to prevent an attacker from transmitting the secret in different contention situations. SpecWands not only can defend against both interthread and intrathread-based attacks but also can keep most of the performance benefit from speculative execution and resource-sharing. We evaluate its runtime overhead on SPEC 2017 benchmarks and realistic programs. The experimental results show that SpecWands has a significant performance advantage over the other two representative schemes.
AB - Transient execution attacks (TEAs) have gradually become a major security threat to modern high-performance processors. They exploit the vulnerability of speculative execution to illegally access private data, and transmit them through timing-based covert channels. While new vulnerabilities are discovered continuously, the covert channels can be categorized to two types: 1) Persistent Type, in which covert channels are based on the layout changes of buffering, e.g., through caches or TLBs and 2) Volatile Type, in which covert channels are based on the contention of sharing resources, e.g., through execution units or issuing ports. The defenses against the persistent-type covert channels have been well addressed, while those for the volatile-type are still rather inadequate. Existing mitigation schemes for the volatile type such as Speculative Compression and Time-Division-Multiplexing will introduce significant overhead due to the need to stall the pipeline or to disallow resource sharing. In this article, we look into such attacks and defenses with a new perspective, and propose a scheduling-based mitigation scheme, called SpecWands. It consists of three priority-based scheduling policies to prevent an attacker from transmitting the secret in different contention situations. SpecWands not only can defend against both interthread and intrathread-based attacks but also can keep most of the performance benefit from speculative execution and resource-sharing. We evaluate its runtime overhead on SPEC 2017 benchmarks and realistic programs. The experimental results show that SpecWands has a significant performance advantage over the other two representative schemes.
KW - Resource contention
KW - scheduling strategy
KW - simultaneous multithreading (SMT)
KW - transient execution attack (TEA)
UR - http://www.scopus.com/inward/record.url?scp=85162622401&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85162622401&partnerID=8YFLogxK
U2 - 10.1109/TCAD.2023.3284290
DO - 10.1109/TCAD.2023.3284290
M3 - Article
AN - SCOPUS:85162622401
SN - 0278-0070
VL - 42
SP - 4477
EP - 4490
JO - IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems
JF - IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems
IS - 12
ER -