Ghostminion: A strictness-ordered cache system for spectre mitigation
S Ainsworth - MICRO-54: 54th Annual IEEE/ACM International …, 2021 - dl.acm.org
Out-of-order speculation, a technique ubiquitous since the early 1990s, remains a
fundamental security flaw. Via attacks such as Spectre and Meltdown, an attacker can trick a …
fundamental security flaw. Via attacks such as Spectre and Meltdown, an attacker can trick a …
All your pc are belong to us: Exploiting non-control-transfer instruction btb updates for dynamic pc extraction
Leaking a program's instruction address (PC) pattern, completely and precisely, has long
been a sought-after capability for microarchitectural side-channel attackers. Case in point …
been a sought-after capability for microarchitectural side-channel attackers. Case in point …
A lightweight isolation mechanism for secure branch predictors
Recently exposed vulnerabilities reveal that branch predictors shared by different processes
leave the attackers with the opportunities for malicious training and perception. Instead of …
leave the attackers with the opportunities for malicious training and perception. Instead of …
Leaking secrets through modern branch predictors in the speculative world
MHI Chowdhuryy, F Yao - IEEE Transactions on Computers, 2021 - ieeexplore.ieee.org
Transient execution attacks that exploit speculation have raised significant concerns in
computer systems. Typically, branch predictors are leveraged to trigger mis-speculation in …
computer systems. Typically, branch predictors are leveraged to trigger mis-speculation in …
Indirector:{High-Precision} Branch Target Injection Attacks Exploiting the Indirect Branch Predictor
This paper introduces novel high-precision Branch Target Injection (BTI) attacks, leveraging
the intricate structures of the Indirect Branch Predictor (IBP) and the Branch Target Buffer …
the intricate structures of the Indirect Branch Predictor (IBP) and the Branch Target Buffer …
[PDF][PDF] HyBP: Hybrid Isolation-Randomization Secure Branch Predictor.
Recently exposed vulnerabilities reveal the necessity to improve the security of branch
predictors. Branch predictors record history about the execution of different processes, and …
predictors. Branch predictors record history about the execution of different processes, and …
Pathfinder: High-Resolution Control-Flow Attacks Exploiting the Conditional Branch Predictor
This paper introduces novel attack primitives that enable adversaries to leak (read) and
manipulate (write) the path history register (PHR) and the prediction history tables (PHTs) of …
manipulate (write) the path history register (PHR) and the prediction history tables (PHTs) of …
Sok: Analysis of root causes and defense strategies for attacks on microarchitectural optimizations
NR Holtryd, M Manivannan… - 2023 IEEE 8th European …, 2023 - ieeexplore.ieee.org
Microarchitectural optimizations are expected to play a crucial role in ensuring performance
scalability in the post-Moore era. However, recent attacks have demonstrated that these …
scalability in the post-Moore era. However, recent attacks have demonstrated that these …
A novel probabilistic saturating counter design for secure branch predictor
LT Zhao, R Hou, K Wang, YL Su, PN Li… - Journal of Computer …, 2021 - Springer
In a modern processor, branch prediction is crucial in effectively exploiting the instruction-
level parallelism for high-performance execution. However, recently exposed vulnerabilities …
level parallelism for high-performance execution. However, recently exposed vulnerabilities …
Uncovering and Exploiting AMD Speculative Memory Access Predictors for Fun and Profit
This paper presents a comprehensive investigation into the security vulnerabilities
associated with speculative memory access on AMD processors. Firstly, employing novel …
associated with speculative memory access on AMD processors. Firstly, employing novel …