Abstract:
Microarchitectural attacks continue to present a significant security risk to computer systems, irrespective of the presence of software vulnerabilities. Particularly concerning among these are Spectre-style breaches, which capitalize on speculative execution, a crucial feature of modern CPUs that is designed to optimize performance. Recently, several testing tools have been devised to detect speculative leaks within commercial (black-box) CPUs automatically. Notwithstanding the prevalence of microarchitectural leaks, the code that researchers provide to demonstrate these vulnerabilities is often tailored to particular processor types. Verifying the existence of similar conditions in various processors typically demands manual modifications to the code. Given the development of fuzz testing technology in the field of transient execution, this paper investigates the characteristics of template-based and model-based methods of fuzzing tools, and subsequently proposes an automated process based on fuzzing to minimize the manual effort required to test and verify vulnerabilities in differing processor types. This method can substantially reduce the time consumed when assessing whether a processor is susceptible to recognized attack forms.
Published in: 2024 27th International Conference on Computer Supported Cooperative Work in Design (CSCWD)
Date of Conference: 08-10 May 2024
Date Added to IEEE Xplore: 10 July 2024