Implementing Fuzz-Based Technology for Detecting Spectre-Style Vulnerabilities | IEEE Conference Publication | IEEE Xplore

Implementing Fuzz-Based Technology for Detecting Spectre-Style Vulnerabilities


Abstract:

Microarchitectural attacks continue to present a significant security risk to computer systems, irrespective of the presence of software vulnerabilities. Particularly concerning among these are Spectre-style attacks, which exploit speculative execution, a crucial feature of modern CPUs designed to optimize performance. Recently, several testing tools have been devised to automatically detect speculative leaks in commercial (black-box) CPUs. Despite the prevalence of microarchitectural leaks, the code that researchers publish to demonstrate these vulnerabilities is often tailored to particular processor types, and verifying whether similar conditions exist in other processors typically demands manual modifications to that code. Given the development of fuzz testing technology in the field of transient execution, this paper investigates the characteristics of the template-based and model-based methods used by fuzzing tools and then proposes an automated, fuzzing-based process to minimize the manual effort required to test and verify vulnerabilities across different processor types. This method can substantially reduce the time needed to assess whether a processor is susceptible to known forms of attack.
Date of Conference: 08-10 May 2024
Date Added to IEEE Xplore: 10 July 2024
Conference Location: Tianjin, China
