基于动态分支过滤的SMT执行端口侧信道安全防护

岳晓萌; 杨秋松; 李明树

doi:10.12263/DZXB.20210210

您当前的位置：

首页 >

文章列表页 >

基于动态分支过滤的SMT执行端口侧信道安全防护

学术论文 | 更新时间：2025-12-08

- 基于动态分支过滤的SMT执行端口侧信道安全防护
- SMT Port Side Channel Attack Defending Method Based on Dynamic Branch Filter
- 电子学报 2022年50卷第7期页码：1594-1599
- 作者机构：
  
  1.中国科学院软件研究所基础软件国家工程研究中心，北京 100190
  2.中国科学院大学，北京 100049
- 作者简介：
  
  [ "岳晓萌男，1989年12月生，山东青州人.2021年毕业于中国科学院大学，计算机软件与理论博士，主要研究方向为操作系统、计算机架构和系统安全.E-mail: xiaomeng@iscas.ac.cn" ]
  [ "杨秋松男，1977年生，博士，教授、博士生导师. 主要研究方向为操作系统、软件工程和系统安全.E-mail: qiusong@iscas.ac.cn" ]
  [ "李明树男，1966年生，博士，教授、博士生导师. 主要研究方向为操作系统、软件工程和分布式系统.E-mail: mingshu@iscas.ac.cn" ]
- 基金信息：
  
  “核高基”国家科技重大专项基金(2014ZX01029101-002);中国科学院战略性先导科技专项(XDA-Y01-01);中国科学院战略性先导科技专项(XDC05020200)
- DOI：10.12263/DZXB.20210210
  中图分类号： TP309.2
- 收稿：2021-02-03，
  
  修回：2021-12-22，
  
  纸质出版：2022-07-25
- 稿件说明：
移动端阅览
岳晓萌,杨秋松,李明树.基于动态分支过滤的SMT执行端口侧信道安全防护[J].电子学报,2022,50(07):1594-1599.

YUE Xiao-meng,YANG Qiu-song,LI Ming-shu.SMT Port Side Channel Attack Defending Method Based on Dynamic Branch Filter[J].ACTA ELECTRONICA SINICA,2022,50(07):1594-1599.
岳晓萌,杨秋松,李明树.基于动态分支过滤的SMT执行端口侧信道安全防护[J].电子学报,2022,50(07):1594-1599. DOI： 10.12263/DZXB.20210210.

YUE Xiao-meng,YANG Qiu-song,LI Ming-shu.SMT Port Side Channel Attack Defending Method Based on Dynamic Branch Filter[J].ACTA ELECTRONICA SINICA,2022,50(07):1594-1599. DOI： 10.12263/DZXB.20210210.

摘要

同时多线程（Simultaneous Multi-Threading，SMT）技术是提升线程级并行度的重要微架构优化技术之一，以SMoTherSpectre为代表的利用SMT环境下共享分支预测器和执行端口的时间侧信道攻击表明SMT技术在提升性能的同时也存在显著的安全隐患.基于记录分支预测错误刷新及调整执行端口资源使用策略，提出了一种SMT环境下执行端口时间信道攻击防护方法.该方法实现了分支过滤和动态资源使用策略修改组件，在防护有效性上可以达到关闭SMT技术的防护效果，性能开销仅为关闭SMT技术的22%，硬件开销可控.

Abstract

Simultaneous multi-threading(SMT) is one of the important micro-architecture optimization technologies to improve thread-level parallelism. The timing channel attack represented by SMoTherSpectre using shared branch predictors and execution ports in SMT environment shows that SMT technology has significant security risks as well as performance improvements. Based on recording branch misprediction refresh and dynamically adjusting the execution port resource utilization strategy

this paper proposes an approach for defending a timing channel attack on execution port in SMT environment. The approach implements a branch filter and a dynamic resource editor. This approach can achieve the same protection effect of turning off SMT technology

and the performance cost is only 22%

meanwhile

the hardware cost is controllable.

关键词

Keywords

references

MARR D T , BINNS F , HILL D L . Hyper-threading technology architecture and microarchitecture [J]. Intel Technology Journal , 2002 , 6 ( 1 ): 1 - 12 .

ACIÇMEZ O , SEIFERT J P . Cheap hardware parallelism implies cheap security [C]// Proc of the Workshop on Fault Diagnosis & Tolerance in Cryptography . Vienna : IEEE , 2007 : 80 - 91 .

GE QIAN , YAROM Y , COCK D , et al . A survey of microarchitectural timing attacks and countermeasures on contemporary hardware [J]. Journal of Cryptographic Engineering . 2016 , 8 ( 1 ): 1 - 27 .

HE Z , LEE R B . How secure is your cache against side-channel attacks? [C]// 50th Annual IEEE/ACM International Symposium . Cambridge : ACM , 2017 : 341 - 353 .

WANG ZHENGHONG , LEE R . Covert and side channels due to processor architecture [C]// Proc of the 22nd Annual Computer Security Applications Conference . Miami Beach : IEEE , 2006 : 473 - 482 .

ALDAYA A , BRUMLEY B , HASSAN S U , et al . Port contention for fun and profit [C]// Proc of the Symposium on Security and Privacy . San Francisco : IEEE , 2019 : 19 - 23 .

BHATTACHARYYA A , SANDULESCU A , NEUGSCHWANDTNER M , et al . SMoTherSpectre: Exploiting speculative execution through port contention [C]// Proc of the 2019 ACM SIGSAC Conf on Computer and Communications Security . London : ACM , 2019 : 785 - 800 .

PERCIVAL C . Cache missing for fun and profit [J/OL]. ( 2019-12-16 )[ 2021-12-22 ] http://www.daemonology.net/papers/htt.pdf http://www.daemonology.net/papers/htt.pdf .

HU WEIMING . Reducing timing channels with fuzzy time [C]// Proc of the 1991 IEEE Computer Society Symposium on Research in Security and Privacy . Oakland,CA : IEEE , 1991 : 8 - 20 .

ZHANG YUE , ZHU ZIYUAN , MENG DAN . DDM: A demand-based dynamic mitigation for SMT transient channels [C]//IEEE Intl Conf on Parallel & Distributed Processing with Applications, Big Data & Cloud Computing, Sustainable Computing & Communications, Social Computing & Networking. Xiamen : IEEE , 2019 : 614 - 621 .

HE Z , et al . New models for understanding and reasoning about speculative execution attacks [C]// IEEE International Symposium on High-Performance Computer Architecture(HPCA) . Seoul : IEEE , 2021 : 40 - 53 .

KOCHER P , GENKIN D , GRUSS D , et al . Spectre attacks: Exploiting speculative execution [J]. Communications of the ACM , 2020 , 63 ( 7 ): 93 - 101 .

BINKERT N , BECKMANN B , BLACK G , et al . The gem5 simulator [J]. ACM SIGARCH Computer Architecture News , 2011 , 39 ( 2 ): 1 - 7 .

HENNING J L . SPEC CPU2006 benchmark descriptions [J]. ACM SIGARCH Computer Architecture News , 2006 , 4 ( 34 ): 1 - 17 .

浏览量

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

暂无数据