-
Abstract: Transient execution attacks (TEAs) exploit processor optimizations to bypass security checks and then exfiltrate sensitive information over covert channels. Meltdown and Spectre are the best-known examples, and they affect mainstream commercial processors from Intel, ARM and AMD. Although processor vendors have deployed countermeasures, researchers keep discovering and disclosing new variants. To deepen the understanding of TEAs and support effective defenses, this paper analyzes TEAs under the various covert channels they use. First, the common characteristics of TEAs are extracted and a new attack model for TEAs is constructed systematically. Second, the covert channels used in existing work are summarized and TEAs are classified into three types: Meltdown-type attacks driven by out-of-order execution (OoOE), Spectre-type attacks driven by branch misprediction, and microarchitectural data sampling (MDS)-type attacks driven by data misprediction; the key points of each type and the relationships between them are laid out. MDS-type attacks are compiled and categorized systematically here for the first time. Third, the capability of each attack variant is evaluated along three dimensions: covert channel exploitation, applicable attack scenarios, and microarchitecture generality (which microarchitectures are immune), which also exposes the gaps left by existing attack research. Finally, building on this analysis of processor microarchitecture and covert channels, future research directions for TEAs are discussed to support subsequent work.
-
Graph data increasingly carries timing information to describe dynamic relationships between nodes; such a graph is called a temporal graph [1]. A temporal graph is usually represented by a set of nodes and a sequence of timestamped directed edges, called temporal edges. Temporal graphs are ubiquitous on the Internet and in finance, transportation and other domains, and have been studied widely [2-6]. Because relationships evolve over time, graph data can be modeled as a temporal graph stream, in which nodes and temporal edges are added dynamically over time. A social network [2-4], for example, can be represented as a temporal graph stream: a user is a node, a contact between two users at some moment is a temporal edge, and nodes and temporal edges keep arriving over time. Similarly, data transfers in a computer network or financial transactions can be modeled as temporal graph streams.
A basic problem on temporal graph streams is counting the occurrences of a given temporal motif (a small temporal subgraph) in the stream. The problem has many practical applications, such as network characterization [5,7], structure prediction [8] and fraud detection [9]. The notion of a motif in a temporal graph [10-11] extends the conventional one: besides the subgraph structure it also takes timing into account, namely the order of the temporal edges and the duration of the subgraph. In Fig. 1, for example, M and M′ are different temporal motifs: they have exactly the same topology, but their edges are ordered differently in time. Consequently, although static motif counting has been studied thoroughly, those methods are hard to apply directly to temporal motif counting [5-11].
Counting temporal motifs in a temporal graph stream is challenging. First, the problem is at least as hard as static motif counting, whose time complexity grows exponentially with the number of motif edges. Second, because temporal motifs additionally involve timing information, the computation is more involved. For instance, conventional k-star counting admits a simple polynomial-time algorithm, whereas temporal k-star counting has been proved NP-hard [8] because of the combinatorial nature of edge orderings. Third, a temporal graph is a multigraph: the same pair of nodes may be joined by many edges with different timestamps, so many distinct motif instances may exist on the same set of nodes, which further increases the cost. Finally, the graph stream model receives nodes and edges incrementally, the complete data is not available in advance, and the count of motif instances over the data received so far must be available at any moment. All of this makes the counting problem harder.
Several methods exist for exact temporal motif counting [5] or enumeration [9,12]. They are inefficient, however, and typically do not scale to large temporal graphs with hundreds of millions of edges [8]. Liu et al. [8] proposed a sampling-based temporal motif counting method: it partitions the temporal graph into equal time intervals, counts the motif instances within sampled intervals with an exact algorithm [12], and extrapolates the total from the per-interval counts. Wang et al. [13] proposed an approximate counting method based on edge sampling. Both, however, target offline temporal graphs whose complete data is available in advance, so they do not apply to temporal graph streams that change over time.
This paper addresses the dynamic nature of temporal graph streams and proposes a streaming algorithm for approximate temporal motif counting, suitable both for large temporal graphs that cannot be loaded into memory at once and for temporal graph streams generated continuously over time; the expectation and variance of its estimate are analyzed. The main contributions are threefold:
1) A streaming edge sampling (SES) algorithm is proposed to estimate the number of instances of a temporal motif in a temporal graph stream. When a temporal edge arrives, SES decides in real time, by reservoir sampling, whether to sample it; if so, a backtracking procedure enumerates and counts the local motif instances that contain the edge. The number of occurrences of the motif in the current stream is then estimated from the local counts of all sampled edges.
2) The expectation, variance and time complexity of the estimate returned by SES are analyzed theoretically.
3) Experiments on four real-world datasets validate the effectiveness of SES. Compared with state-of-the-art baselines, SES updates far faster on temporal graph streams, with speedups of more than three orders of magnitude, at comparable accuracy.
1. Related Work
Existing work on temporal motifs has defined various kinds of them. Viard et al. [14], Viard et al. [15] and Himmel et al. [16] extended the notion of maximal cliques to temporal graphs and proposed efficient maximal clique enumeration algorithms. Li et al. [6] proposed persistent k-cores to capture the persistence of communities in temporal graphs. Neither line of work, however, considers the order of edges. Gurukar et al. [2] proposed communication motifs to represent frequent patterns of information spread in social or communication networks. Kosyfaki et al. [10] and Kovanen et al. [11] defined flow motifs to model flows among a set of nodes within a time window of a temporal graph. Oettershagen et al. [17] introduced temporal motif kernels for classifying dissemination processes in labeled temporal networks. Although communication motifs, flow motifs and temporal motif kernels all consider edge order, their definitions are restrictive: communication motifs assume that any two adjacent edges occur within a fixed time gap, flow motifs assume that the edges of a motif are consecutive events, and temporal motif kernels target temporal graphs with node labels.
Temporal motif enumeration and counting have also been studied. Paranjape et al. [5] first formally defined temporal motifs and proposed an exact counting method that enumerates static motifs in the projected static graph, then prunes by timing information and counts the temporal motifs exactly. Cai et al. [18] extended butterflies to temporal networks and proposed temporal butterfly enumeration and counting algorithms. Kumar et al. [9] proposed 2SCENT, an efficient algorithm for enumerating all simple temporal cycles in a directed temporal graph; 2SCENT is effective for temporal cycles but cannot enumerate other kinds of temporal motif. Pan et al. [19] proposed a temporal cycle enumeration algorithm that prunes the search space by adding cycle information. Mackey et al. [12] proposed an efficient backtracking algorithm for temporal motifs that counts exactly by enumerating all instances. Liu et al. [8] proposed interval-sampling-based temporal motif counting. Wang et al. [13] proposed a general edge-sampling counting method together with a hybrid edge-wedge sampling algorithm specialized for motifs with three nodes and three edges. All of these algorithms require the complete data offline in advance and cannot be applied efficiently to the graph stream model.
The main constraint of streaming motif counting is that the data is produced dynamically, the whole graph cannot be kept in memory in advance, and the data can be traversed only once. Hence, when a new edge arrives, a streaming motif counting algorithm must update its earlier result and return the motif count for the current stream. Depending on whether the sampling method uses a fixed memory budget, existing streaming motif counting algorithms fall into two classes: those based on Bernoulli sampling [20-21] and those based on reservoir sampling [22-25]. Bernoulli sampling requires jointly independent samples and does not bound the sample size, so as new data keeps arriving the algorithm may exceed the available memory. Reservoir sampling, by contrast, samples the stream uniformly under a fixed memory size and yields unbiased motif count estimates, which is why it has been studied widely for streaming motif counting. This paper proposes an approximate temporal motif counting algorithm based on streaming edge sampling and compares it with the algorithms of [5, 8-9, 12-13].
Hassan et al. [22] used reservoir sampling to compute feature vectors of streaming graphs that capture their basic structure for graph classification. Wang et al. [23] proposed WSD, an edge-weighted sampling method built on reservoir sampling for estimating motif counts in graph streams, with edge weights determined in a data-driven way by reinforcement learning. Li et al. [24] exploited properties of bipartite graphs to propose CAS, an efficient reservoir-based sampling algorithm for approximately counting butterflies in bipartite graph streams. Xuan et al. [25] proposed BSR-TC, a bounded-sampling-rate algorithm for counting global and local triangles that is based on reservoir sampling and adaptively raises the memory budget on an evolving graph stream. None of these methods considers timing information, so they cannot be applied directly to temporal motif counting.
2. Problem Definition
This section formally defines temporal graph streams, temporal motifs, and the motif counting problem on temporal graph streams.
Definition 1. Temporal graph stream. A temporal graph stream $\Gamma(t) = (V_\Gamma(t), E_\Gamma(t))$ consists of a set $V_\Gamma(t)$ of $n_t$ nodes and a sequence $E_\Gamma(t)$ of $m_t$ timestamped edges between them, where every timestamp is at most $t$. A temporal edge $e = (u, v, t)$ is a directed edge from $u$ to $v$ created at time $t$, with $u, v \in V_\Gamma(t)$ and $t \in \mathbb{R}^+$. The nodes and temporal edges of $\Gamma(t)$ grow dynamically over time.
There may be many temporal edges from $u$ to $v$ at different times $t$; on Reddit, for instance, one user may comment on another user's posts many times. For ease of presentation, this paper assumes that every temporal edge has a unique timestamp, so the temporal edges are strictly ordered. If the timestamps in the data are not unique, a tie-breaking rule can be used to order edges with the same timestamp, so the method applies generally.
Definition 2. Temporal motif. A temporal motif $M = (V_M, E_M, \sigma)$ is a connected graph with a set $V_M$ of $k$ nodes and a set $E_M$ of $p$ edges, together with an ordering $\sigma$ of the edges in $E_M$.
Intuitively, a temporal motif $M$ can be written as an ordered edge sequence $\langle e'_1 = (u'_1, v'_1), e'_2 = (u'_2, v'_2), \ldots, e'_p = (u'_p, v'_p) \rangle$. Moreover, in real social networks a motif instance formed within one hour is more meaningful than one formed by chance over a year [2,5], so this paper only considers motifs formed within a short time. Given a temporal graph stream $\Gamma$ and a temporal motif $M$, the goal is therefore to find edge sequences $s \subseteq E$ such that: 1) $s$ has the same structure as $M$; 2) the edges of $s$ appear in the prescribed order $\sigma$; and 3) all edges of $s$ fall within a time span of at most $\delta$. Such an $s$ is called a $\delta$-instance of $M$ [5,8], and the difference between $t_p$ and $t_1$ is the duration $\Delta_s$ of $s$. The formal definition follows.
Definition 3. Motif $\delta$-instance. A sequence of $p$ edges $s = \langle (w_1, x_1, t_1), (w_2, x_2, t_2), \ldots, (w_p, x_p, t_p) \rangle$ in a temporal graph stream $\Gamma$, with $t_1 < t_2 < \cdots < t_p$, is a $\delta$-instance of the temporal motif $M = \langle (u'_1, v'_1), \ldots, (u'_p, v'_p) \rangle$ if: 1) there is a bijection $f$ between the node sets of $s$ and $M$ such that $f(w_i) = u'_i$ and $f(x_i) = v'_i$ for all $i = 1, 2, \ldots, p$; and 2) the duration of $s$ is at most $\delta$, i.e., $t_p - t_1 \leqslant \delta$.
Example 1. Fig. 2 shows the temporal motif $M_1$ and a $\delta$-instance of it. A $\delta$-instance of $M_1$ is not only isomorphic to $M_1$ but also has edge timestamps satisfying $t_1 < t_2 < t_3$ and $t_3 - t_1 \leqslant \delta$.
Definition 4. Temporal motif counting in a temporal graph stream. Given a temporal graph stream $\Gamma$ of unknown size, a temporal motif $M$ and a time span $\delta$, at any time $t$ return the number $C_M(t)$ of $\delta$-instances of $M$ occurring in the observable stream $\Gamma(t)$.
Algorithm 1. SES.
Input: temporal graph stream $\Gamma$, temporal motif $M$, time span $\delta$, reservoir size $r$;
Output: at time $t$, an estimate $\hat C_M(t)$ of the number of $\delta$-instances of $M$ in $\Gamma(t)$.
① $\hat E_\Gamma \leftarrow \varnothing$;
② for each arriving edge $e = (u, v, t)$ do
③   update the active edge set $E_\Gamma[t-\delta, t]$;
④   if $m_t \leqslant r$ then
⑤     $\hat E_\Gamma \leftarrow \hat E_\Gamma \cup \{e\}$;
⑥     map $e$ to $e'_p$, producing an initial partial instance $s(1)$;
⑦     run the backtracking procedure from $s(1)$ to find the set $S(e) = \{s(e) : s(e)$ is a $\delta$-instance of $M$ in which $e$ is mapped to $e'_p\}$;
⑧     $\eta(e) \leftarrow |S(e)|$;
⑨     return $\hat C_M(t) = \sum_{e \in \hat E_\Gamma(t)} \eta(e)$;
⑩   else if random$[0,1) < r/m_t$ then
⑪     choose a random edge $g$ from $\hat E_\Gamma$ and replace $g$ with $e$;
⑫     repeat lines ⑥–⑧;
⑬     return $\hat C_M(t) = \dfrac{m_t}{r}\sum_{e \in \hat E_\Gamma(t)} \eta(e)$;
⑭   end if
⑮ end for
3. The SES Algorithm
Section 3.1 describes the streaming edge sampling algorithm in detail, and Section 3.2 analyzes it in terms of expectation, variance and time complexity.
3.1 Algorithm Description
This paper proposes SES, a reservoir-sampling-based algorithm that returns, at any time $t$, an estimate $\hat C_M(t)$ of the number of occurrences $C_M(t)$ of the temporal motif $M$ in the temporal graph stream $\Gamma(t)$. Reservoir sampling preallocates a reservoir for sampled data and maintains it (adding and removing samples) so that at any time it is a uniform sample of the stream observed so far. Reservoir sampling has three main advantages. First, the reservoir size can be fixed in advance even for a stream of unknown size, so an appropriate memory budget can be set before the algorithm runs. Second, it needs only one pass over the stream, with no pre- or post-processing of the dataset. Third, it samples the observable stream uniformly at every moment, so an up-to-date estimate can be obtained at any time. Because of these advantages, reservoir sampling has been used widely in streaming motif counting; that work, however, ignores the timing information of the graph and cannot handle temporal graph streams, which motivates SES.
The basic idea of SES is to sample a fixed number of temporal edges uniformly from the temporal graph stream by reservoir sampling, count the local temporal motif instances of each sampled edge, and estimate the global number of temporal motif instances in the observable stream from these local counts.
Algorithm 1 gives the details. Given a temporal graph stream $\Gamma$ to which new edges keep arriving, a temporal motif $M$, a time span $\delta$ and a reservoir size $r$, the reservoir is initialized to the empty set (line ①). When a temporal edge $e = (u, v, t)$ arrives, the active edge set $E_\Gamma[t-\delta, t]$ is updated first (line ③); it contains only the temporal edges with timestamps in $[t-\delta, t]$ and is the search space for the subsequent local motif counting. Next, reservoir sampling decides in real time whether to sample $e$ (lines ④–⑭), maintaining the reservoir $\hat E_\Gamma$ by adding or removing sampled edges, as detailed below. If $e$ is sampled, SES obtains the number $\eta(e)$ of $\delta$-instances of $M$ that contain $e$ (its local motif count) over $E_\Gamma[t-\delta, t]$, by exact enumeration or by approximation (also detailed below). Finally, at time $t$ the estimated number of $\delta$-instances of $M$ in $\Gamma(t)$ is the sum of the local counts of all sampled edges divided by the sampling rate $\min\{1, r/m_t\}$: $\hat C_M(t) = \sum_{e \in \hat E_\Gamma(t)} \eta(e)$ when $m_t \leqslant r$ (line ⑨) and $\hat C_M(t) = \dfrac{m_t}{r}\sum_{e \in \hat E_\Gamma(t)} \eta(e)$ when $m_t > r$ (line ⑬), where $\hat E_\Gamma(t)$ is the sampled edge set (the reservoir) at time $t$.
The reservoir sampling step of SES is lines ④–⑭ of Algorithm 1. When a temporal edge $e = (u, v, t)$ arrives, if $m_t \leqslant r$ the sampling rate is 1 and $e$ is put into the reservoir; if $m_t > r$, $e$ is sampled at rate $r/m_t$: SES draws a random number in $[0, 1)$ and, if it is smaller than $r/m_t$, picks a random edge $g$ from the sampled set $\hat E_\Gamma$ and replaces $g$ with $e$. In practice $m_t \gg r$, so SES samples uniformly at rate $r/m_t$.
The local count $\eta(e)$ is computed as follows. For a sampled edge $e = (u, v, t)$, SES enumerates by backtracking the set $S(e)$ of $\delta$-instances of $M$ in which $e$ matches the last motif edge $e'_p$, and so computes $\eta(e)$ exactly. Note that the procedure runs over the active edge set $E_\Gamma[t-\delta, t]$: because $e$ is the latest edge of every instance it completes and the instance duration is bounded by $\delta$, ignoring all other edges does not affect the result. Algorithm 1 omits the details of the backtracking procedure, which largely follows existing temporal motif isomorphism algorithms [12-13]; the main difference is the matching order.
The backtracking procedure of [12] matches in time-first order, always following the order $\langle e'_1, e'_2, \ldots, e'_p \rangle$ of $M$, which makes full use of the timing information to prune the search space. The ES algorithm of [13] runs the backtracking $p$ times for each sampled edge, enumerating the temporal motif instances in which $e$ matches $e'_1, e'_2, \ldots, e'_p$ respectively, so every instance is enumerated $p$ times. Neither approach suits temporal graph streams: their search spaces include data that arrives after $e$, which in a stream has not arrived yet, so those matches cannot be made and $\eta(e)$ would be computed incorrectly.
To adapt backtracking to temporal graph streams and to improve enumeration efficiency, SES matches the last edge $e'_p$ of $M$ first; the remaining edges are matched following the rules of forced connectivity and first-edge-first. Forced connectivity means that the edge to be matched next must be adjacent to an already matched edge. First-edge-first means that if several unmatched edges satisfy forced connectivity, the first unmatched edge of $M$ (the earliest in $\sigma$) is matched first. The first rule avoids redundant partial matches and the second limits the search range; together they prune the search space effectively.
Example 2. Consider $M_1$ in Fig. 2. The last edge $e'_3$ of $M_1$ is matched first. By forced connectivity, either $e'_1$ or $e'_2$ can be the second edge matched, and by first-edge-first $e'_1$ is chosen; $e'_2$ is then matched next. Hence $\langle e'_3, e'_1, e'_2 \rangle$ is a valid matching order for $M_1$.
Example 3. Fig. 3 shows how SES enumerates the $\delta$-instances of $M_1$ ($\delta = 10$) in a temporal graph stream $\Gamma$. Fig. 3(a) is the stream $\Gamma$ at time $t = 33$, with 4 nodes and 13 temporal edges. When the edge $e = (b, a, 33)$ arrives, SES updates the active edge set $E_\Gamma[23, 33]$ (Fig. 3(b)), which contains all temporal edges with timestamps in $[23, 33]$ and is the search space for the backtracking. Fig. 3(c) shows the backtracking that enumerates the 10-instances of $M_1$ for $e$. The state of each matching step is given as $(v_{\text{start}}, v_{\text{end}}, [t_{\text{start}}, t_{\text{end}}])$, where $v_{\text{start}}$ and $v_{\text{end}}$ are the start and end nodes and $[t_{\text{start}}, t_{\text{end}}]$ is the admissible time range. In Fig. 3, "*" denotes that any not-yet-matched node may be matched and "√" denotes a successful match. Following the matching order $\langle e'_3, e'_1, e'_2 \rangle$ of Example 2, SES enumerates one instance, so $\eta(e) = 1$.
Similarly to [13], for temporal motifs with three nodes and three edges SES further optimizes the local counting step by combining it with wedge sampling to estimate the local count of a sampled edge approximately: it matches the last edge first, samples adjacent edges that form a wedge with it, counts the temporal motif instances containing each sampled wedge, and estimates the local count of the sampled edge from these.
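The following Python program is an added worked example of Definitions 1–4 and Algorithm 1 as described in Section 3.1; it is not code from the paper, whose implementation is in C++. It reproduces the active window, the matching order (last edge first, forced connectivity, first-edge-first), the backtracking that computes $\eta(e)$, reservoir maintenance, and the scaled estimate, and it includes a brute-force counter built directly from Definitions 3–4 so the estimate can be checked. Two things are assumptions rather than data from the paper: Fig. 2 is not reproduced on this page, so $M_1$ is taken to be a directed triangle whose three edges occur in the order a→b→c→a, and the nine-edge sample stream is constructed for illustration.

```python
import random
from collections import deque
from itertools import combinations

# Temporal edge: (src, dst, timestamp); per Definition 1 the stream arrives in
# timestamp order with unique timestamps. A motif is an ordered list of (src, dst)
# pairs over abstract node labels, list order being the edge order sigma.
# ASSUMPTION: Fig. 2 is not reproduced here, so M1 is taken to be the directed
# triangle a->b->c->a with its edges occurring in that chronological order.
M1 = [("a", "b"), ("b", "c"), ("c", "a")]
DELTA = 10
# Constructed sample stream (not from the paper), already in timestamp order.
SAMPLE_STREAM = [
    (1, 2, 1), (2, 3, 3), (3, 1, 5),      # 1->2->3->1 within 4 time units
    (1, 2, 8), (2, 3, 12), (3, 1, 14),    # overlapping cycles on the same nodes
    (2, 3, 20), (3, 4, 22), (4, 2, 25),   # 2->3->4->2 within 5 time units
]


def matching_order(motif):
    """e'_p first, then the lowest-index unmatched edge adjacent to a matched one."""
    p = len(motif)
    order, seen = [p - 1], set(motif[p - 1])
    while len(order) < p:
        nxt = next(i for i in range(p) if i not in order and set(motif[i]) & seen)
        order.append(nxt)
        seen.update(motif[nxt])
    return order


def local_count(window, motif):
    """eta(e) for e = window[-1]: delta-instances inside the active edge set
    `window` (= E[t-delta, t]) in which e plays the last motif edge e'_p."""
    p, order, e = len(motif), matching_order(motif), window[-1]
    a, b = motif[p - 1]
    if e[0] == e[1]:                      # motif nodes are distinct: no self-loops
        return 0
    f = {a: e[0], b: e[1]}                # partial bijection motif node -> stream node
    times = [None] * p                    # timestamp bound to each motif edge
    times[p - 1] = e[2]
    used = {len(window) - 1}

    def rec(pos):
        if pos == p:
            return 1
        i = order[pos]
        a, b = motif[i]
        total = 0
        for eid, (w, x, ts) in enumerate(window):
            if eid in used:
                continue
            if (a in f and f[a] != w) or (a not in f and w in f.values()):
                continue
            if (b in f and f[b] != x) or (b not in f and (x in f.values() or x == w)):
                continue
            # sigma: motif edges earlier in the list must also be earlier in time
            if any(tj is not None and (j < i) != (tj < ts) for j, tj in enumerate(times)):
                continue
            fresh = [n for n in (a, b) if n not in f]
            f[a], f[b], times[i] = w, x, ts
            used.add(eid)
            total += rec(pos + 1)
            for n in fresh:
                del f[n]
            times[i] = None
            used.discard(eid)
        return total

    return rec(1)


class SES:
    """Algorithm 1: a reservoir of r sampled edges, each stored with the local
    count eta computed from the active window at the moment it was sampled."""

    def __init__(self, motif, delta, r, seed=0):
        self.motif, self.delta, self.r = motif, delta, r
        self.rng = random.Random(seed)
        self.window = deque()             # active edges E[t-delta, t]
        self.reservoir = []               # [(edge, eta), ...], at most r entries
        self.m = 0                        # m_t: edges observed so far

    def process(self, e):
        """Consume one arriving edge (lines 3-13) and return the estimate."""
        self.m += 1
        while self.window and self.window[0][2] < e[2] - self.delta:
            self.window.popleft()
        self.window.append(e)
        if self.m <= self.r:                          # reservoir not full: keep e
            self.reservoir.append((e, local_count(list(self.window), self.motif)))
        elif self.rng.random() < self.r / self.m:     # keep e with probability r/m_t
            g = self.rng.randrange(len(self.reservoir))
            self.reservoir[g] = (e, local_count(list(self.window), self.motif))
        return self.estimate()

    def estimate(self):
        """Sampled local counts scaled by the inverse sampling rate (lines 9/13)."""
        return max(1.0, self.m / self.r) * sum(eta for _, eta in self.reservoir)


def exact_count(edges, motif, delta):
    """Brute-force C_M(t) straight from Definitions 3-4, to check the estimator."""
    p, total = len(motif), 0
    for combo in combinations(sorted(edges, key=lambda x: x[2]), p):
        if combo[-1][2] - combo[0][2] > delta:
            continue
        f = {}
        ok = all(f.setdefault(n, g) == g for (a, b), (w, x, _) in zip(motif, combo)
                 for n, g in ((a, w), (b, x)))
        if ok and len(set(f.values())) == len(f):
            total += 1
    return total


def run_stream(stream, motif, delta, r, seed=0):
    """Final SES estimate after the whole stream has been processed."""
    ses = SES(motif, delta, r, seed)
    return [ses.process(e) for e in stream][-1]
```

With $r \geqslant m_t$ the reservoir holds every edge and the value returned after each edge equals the exact count at that moment, which confirms that each instance is counted exactly once, at the arrival of its latest edge. With $r = 3$ a single estimate is coarse (a multiple of $m_t/r$), but averaging `run_stream` over independent seeds tracks the exact count, which is the unbiasedness that Section 3.2 proves.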
3.2 Theoretical Analysis
This section analyzes the estimate $\hat C_M(t)$ returned by Algorithm 1. Theorem 1 proves that $\hat C_M(t)$ is an unbiased estimate of $C_M(t)$, and Theorem 2 gives its variance.
Theorem 1. The expectation $E(\hat C_M(t))$ of the value $\hat C_M(t)$ returned by Algorithm 1 is $C_M(t)$.
Proof. Given the temporal graph stream $\Gamma(t)$ at any time $t$ and the reservoir size $r$, index the $m_t$ observed edges by $[1, m_t]$ (in general $m_t > r$; when $m_t \leqslant r$ the reservoir holds every edge and the estimate is exact), and let a Boolean variable $\omega_i$ indicate whether the $i$-th edge $e_i$ is sampled:
$$\omega_i = \begin{cases} 1, & e_i \in \hat E_\Gamma(t), \\ 0, & e_i \notin \hat E_\Gamma(t). \end{cases}$$
Then
$$\hat C_M(t) = \frac{m_t}{r}\sum_{e \in \hat E_\Gamma(t)} \eta(e) = \frac{m_t}{r}\sum_{i=1}^{m_t} \omega_i\, \eta(e_i). \qquad (1)$$
From (1) and $E(\omega_i) = r/m_t$ (reservoir sampling keeps every edge with the same probability),
$$E(\hat C_M(t)) = \frac{m_t}{r}\sum_{i=1}^{m_t} E(\omega_i)\,\eta(e_i) = \sum_{i=1}^{m_t} \eta(e_i) = C_M(t),$$
which proves the claim. □
Theorem 2. The variance $\mathrm{Var}[\hat C_M(t)]$ of the value returned by Algorithm 1 is at most $\dfrac{m_t - r}{r}\, C_M^2(t)$.
Proof. From (1),
$$\mathrm{Var}[\hat C_M(t)] = \mathrm{Var}\Big[\sum_{i=1}^{m_t} \frac{m_t\,\eta(e_i)}{r}\,\omega_i\Big] = \sum_{i,j=1}^{m_t} \frac{m_t\,\eta(e_i)}{r}\cdot\frac{m_t\,\eta(e_j)}{r}\,\mathrm{Cov}(\omega_i, \omega_j).$$
Treating the $\omega_i$ as independent, $\mathrm{Cov}(\omega_i, \omega_j) = 0$ for $i \neq j$, and $\mathrm{Cov}(\omega_i, \omega_i) = \mathrm{Var}[\omega_i] = \dfrac{r}{m_t} - \left(\dfrac{r}{m_t}\right)^2$. (Strictly, a reservoir is a sample without replacement, so the $\omega_i$ are slightly negatively correlated; since every $\eta(e_i) \geqslant 0$ those cross terms are non-positive and only make the variance smaller, so the bound below still holds.) Hence
$$\mathrm{Var}[\hat C_M(t)] = \sum_{i=1}^{m_t} \frac{m_t^2\,\eta^2(e_i)}{r^2}\left(\frac{r}{m_t} - \left(\frac{r}{m_t}\right)^2\right) = \frac{m_t - r}{r}\sum_{i=1}^{m_t} \eta^2(e_i) \leqslant \frac{m_t - r}{r}\Big(\sum_{i=1}^{m_t} \eta(e_i)\Big)^2 = \frac{m_t - r}{r}\, C_M^2(t),$$
which proves the claim. □
By Theorem 2 and Chebyshev's inequality, $\Pr\big[|\hat C_M(t) - C_M(t)| \geqslant \varepsilon\, C_M(t)\big] \leqslant \dfrac{m_t - r}{r\,\varepsilon^2}$. Choosing $r = \dfrac{m_t}{1 + \gamma\varepsilon^2}$ gives $\dfrac{m_t - r}{r} = \dfrac{m_t}{r} - 1 = \gamma\varepsilon^2$, so the failure probability is at most $\gamma$; that is, $\hat C_M(t)$ is an $(\varepsilon, \gamma)$-estimate of $C_M(t)$, with $\varepsilon, \gamma \in (0, 1)$.
Time complexity. Consider first the local count $\eta(e)$ of one edge $e$. The backtracking in SES only handles the case in which $e$ matches $e'_p$, and its search space is at most $E_\Gamma[t-\delta, t]$, so computing $\eta(e)$ takes $O(d_\delta^{\,l-1})$ time, where $d_\delta$ is the maximum number of incoming or outgoing edges of a node within any time interval of length $\delta$. SES therefore provides an $(\varepsilon, \gamma)$-estimate of $C_M(t)$ in $O\!\left(\dfrac{m_t\, d_\delta^{\,l-1}}{1 + \gamma\varepsilon^2}\right)$ time. SES has lower time complexity than the ES algorithm of [13], since SES counts each temporal motif instance once whereas ES counts it $p$ times.
4. Experimental Evaluation
This section evaluates SES through extensive comparative experiments on four real temporal network datasets. Section 4.1 describes the experimental setup and Section 4.2 analyzes the results.
4.1 Experimental Setup
All experiments ran on a server with Ubuntu 18.04.1 LTS, an Intel Xeon Gold 6140 2.30 GHz processor and 250 GB of main memory. All datasets and code used are publicly available. For the baselines we downloaded the code released by the original authors [5, 8-9, 12-13] and compiled and used it according to its instructions. All algorithms are implemented in C++11, compiled with GCC 7.4, and run on a single thread.
Four real-world datasets were used: SuperUser (SU), StackOverflow (SO), BitCoin (BC) and RedditComments (RC), all downloaded from public platforms such as the SNAP repository [26]. Each dataset is a sequence of temporal edges in time order. Table 1 gives their statistics; the time span is the total time span of the dataset.
Table 1. Statistics of Datasets

| Dataset | Nodes | Temporal edges | Time span (years) |
|---|---|---|---|
| SU | 192,409 | 1,108,716 | 7.60 |
| SO | 2,584,164 | 47,902,865 | 7.60 |
| BC | 48,098,591 | 113,100,979 | 7.08 |
| RC | 5,688,164 | 399,523,749 | 7.44 |

SES is compared with the following algorithms.
1) EX is an exact temporal motif counting algorithm [5]; it supports only 3-edge motifs, not motifs with four or more edges (such as Q5 in Fig. 4).
2) 2SCENT is an algorithm for enumerating simple temporal cycles (such as Q4 and Q5 in Fig. 4) [9].
3) BT is a backtracking algorithm for temporal motif isomorphism [12]; it counts any temporal motif exactly by enumerating all of its instances.
4) IS-BT is an interval-sampling-based temporal motif counting algorithm [8], with BT [12] as the sub-algorithm for exactly counting motifs with two or more vertices.
5) ES is the edge-sampling-based approximate temporal motif counting algorithm [13].
6) EWS is the approximate counting algorithm combining edge and wedge sampling [13], for temporal motifs with three nodes and three edges (Q1–Q4 in Fig. 4).
The five query motifs are shown in Fig. 4. An algorithm that does not support a given motif is omitted for that motif.
Efficiency is measured by CPU time. The accuracy of a sampling algorithm is measured by the relative error $\dfrac{|\hat x - x|}{x}$, where $x$ is the exact motif count in the temporal graph stream and $\hat x$ is its estimate. In each experiment every algorithm is run 10 times, and the average CPU time and relative error are compared.
4.2 Experimental Results
The results of all algorithms are shown in Table 2. The time span $\delta$ is set to 86400 s (one day) on the small dataset SU and to 3600 s (one hour) on the large datasets SO, BC and RC. For IS-BT we use its default setting, a fixed interval length of $30\delta$, and report the result for the smallest interval sampling probability that gives a relative error of at most 5%. For ES and EWS the sampling rate is 0.064, and following the original paper the wedge sampling rate of EWS is 1 on SU and 0.1 on SO, BC and RC. For SES the reservoir size is $r = 0.064m$, where $m$ is the number of temporal edges in the dataset.
Table 2. Running Time and Average Errors of Algorithms (time in ms, error in %)

| Dataset | Motif | EX time | 2SCENT time | BT time | IS-BT error | IS-BT time | ES error | ES time | EWS error | EWS time | SES (this paper) error | SES (this paper) time |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| SU | Q1 | 3260 | N/A | 1499 | 3.99 | 619.7 | 0.97 | 561.9 | 0.97 | 358.5 | 1.17 | 4.536 |
| SU | Q2 | | | 1650 | 3.23 | 670.5 | 1.48 | 468.1 | 1.48 | 302.6 | 2.39 | 4.370 |
| SU | Q3 | 4600 | | 1506 | 4.85 | 722.8 | 3.37 | 628.1 | 3.37 | 2204 | 3.91 | 4.420 |
| SU | Q4 | 4.6×10^4 | | 1434 | 3.79 | 724.5 | 2.54 | 681.3 | 2.54 | 2307 | 4.98 | 4.538 |
| SU | Q5 | N/A | | 1521 | 4.55 | 758.9 | 5.16 | 312.4 | N/A | N/A | 11.32 | 4.763 |
| SO | Q1 | 1.7×10^5 | N/A | 1.1×10^5 | 4.82 | 8626 | 0.24 | 2.7×10^4 | 0.38 | 1.0×10^4 | 0.46 | 5.334 |
| SO | Q2 | | | 1.1×10^5 | 4.82 | 2.7×10^4 | 0.12 | 2.4×10^4 | 0.39 | 1.1×10^4 | 0.70 | 5.595 |
| SO | Q3 | 4.7×10^5 | | 1.1×10^5 | 4.30 | 2.6×10^4 | 0.37 | 2.4×10^4 | 1.35 | 9167 | 2.22 | 5.589 |
| SO | Q4 | 2.4×10^5 | | 1.1×10^5 | 4.90 | 6775 | 0.92 | 2.4×10^4 | 2.02 | 9224 | 3.18 | 5.561 |
| SO | Q5 | N/A | | 9.2×10^4 | 4.91 | 9451 | 1.75 | 1.1×10^4 | N/A | N/A | 3.92 | 5.628 |
| BC | Q1 | 8.1×10^6 | N/A | 2.2×10^5 | 4.75 | 5.0×10^4 | 0.33 | 3.3×10^5 | 0.34 | 6.2×10^4 | 0.76 | 6.656 |
| BC | Q2 | | | 4.0×10^5 | 4.90 | 1.3×10^5 | 0.37 | 1.9×10^5 | 0.38 | 5.1×10^4 | 1.47 | 7.896 |
| BC | Q3 | 8.1×10^6 | | 4.0×10^5 | 3.89 | 9.0×10^4 | 0.61 | 2.4×10^5 | 1.16 | 1.8×10^4 | 1.74 | 6.531 |
| BC | Q4 | 4.7×10^5 | | 4.7×10^5 | 4.93 | 9.5×10^4 | 0.36 | 2.4×10^5 | 0.71 | 2.3×10^4 | 1.55 | 6.823 |
| BC | Q5 | N/A | | 6.0×10^5 | 4.83 | 3.2×10^5 | 1.04 | 1.3×10^5 | N/A | N/A | 1.29 | 9.311 |
| RC | Q1 | 2.8×10^6 | N/A | 2.0×10^6 | 4.76 | 8.4×10^5 | 1.02 | 1.2×10^6 | 0.99 | 2.0×10^5 | 3.26 | 7.546 |
| RC | Q2 | | | 2.1×10^6 | 4.67 | 4.3×10^5 | 0.39 | 5.0×10^5 | 0.44 | 1.7×10^5 | 0.96 | 7.428 |
| RC | Q3 | −1 | | 2.1×10^6 | 4.61 | 7.8×10^5 | 0.95 | 3.0×10^5 | 1.28 | 9.3×10^4 | 2.03 | 7.679 |
| RC | Q4 | 2.2×10^6 | | 1.9×10^6 | 4.86 | 6.8×10^5 | 1.74 | 3.0×10^5 | 1.94 | 9.1×10^4 | 4.34 | 7.798 |
| RC | Q5 | N/A | | 1.6×10^6 | 4.41 | 7.1×10^5 | 3.69 | 1.5×10^5 | N/A | N/A | 7.23 | 8.343 |

Note: N/A means the algorithm does not support the motif; −1 means the program aborted with an out-of-memory error; a blank cell is a value not given in the table as extracted. The original table underlines the smallest error and smallest running time in each row.
From Table 2: first, EX and 2SCENT are clearly less efficient than the other algorithms, because they generate candidate motifs with static subgraph isomorphism or cycle detection, ignoring edge timestamps, and so produce many redundant candidates that violate the duration constraint. Second, among the approximate algorithms ES is the most accurate, EWS runs faster than ES, and SES, with accuracy comparable to ES and EWS, is up to three orders of magnitude more efficient. IS-BT shows no clear advantage; in most cases it is both less accurate and slower than the other approximate algorithms.
The effect of the reservoir size (sample size) $r$ on performance is tested by varying $r$. Because IS-BT was less accurate and slower than ES and EWS in the overall comparison, it is not compared in detail further. For SES the reservoir size $r$ is varied from $0.0001m$ to $0.25m$, where $m$ is the number of temporal edges in the dataset; for ES and EWS the edge sampling rate is varied from 0.0001 to 0.25, which changes the number of sampled edges accordingly. Figs. 5 and 6 show the relative error and the average update time as functions of $r$, where the update time is the running time for processing 1000 newly arrived temporal edges; both axes of Figs. 5 and 6 are logarithmic. Three observations follow: 1) as $r$ grows, the error of all algorithms drops sharply and the running time grows; 2) the errors of ES and EWS are slightly lower than that of SES, because ES and EWS count every motif instance $p$ times, whereas SES, in order to handle the stream, counts each instance once; 3) as $r$ grows, the update time of ES and EWS rises sharply while that of SES stays essentially flat, giving up to three orders of magnitude higher efficiency.
As time passes the stream accumulates more data. The performance of SES over time is tested on the large dataset BC with $r = 0.01m$. Early in the stream $r > m_t$, the sampling rate is 1 and the estimate is not informative, so the results for the last 24 months of the data are shown. Fig. 7 plots the motif count over time: the exact value from BT and the mean estimate of SES with its standard deviation. In most cases the mean estimate of SES almost coincides with the exact value, and the standard deviation is small.
Taking motif Q3 on the BC dataset as an example, the effect of $\delta$ is tested by varying $\delta$ from 1 to 24 hours (Fig. 8; linear x-axis, logarithmic y-axis). As $\delta$ grows, the error of all algorithms decreases and the average update time per 1000 edges increases. SES runs fastest, its update time is nearly constant as $\delta$ grows, and its relative error remains comparable to that of the other algorithms, confirming that SES scales best with the time span $\delta$.
5. Conclusion
This paper studies approximate temporal motif counting in large-scale temporal graph streams. It proposes a streaming approximate temporal motif counting algorithm based on reservoir sampling, gives a full theoretical analysis of the expectation, variance and time complexity of its estimate, and evaluates it extensively on four real temporal graph datasets. The results show that, on temporal graph streams, the proposed algorithm updates faster and is more efficient than the other algorithms.
Author contributions: Wang Jingjing designed and implemented the experiments and wrote the paper; Wang Yanhao and Jiang Wenjun provided the experimental design ideas, guidance and revisions; Zeng Yifu and Zhu Tuanfei carried out the experimental validation and provided revision suggestions.
-
Table 1. Covert Channel Application Statistics

| Related work | Channel* | Component exploited | Attack target** |
|---|---|---|---|
| Osvik et al. [10] | E+T | L1D | OpenSSL AES |
| Wampler et al. [58] | E+T | LLC | Kernel isolation |
| Hund et al. [95] | E+T | LLC | Kernel isolation |
| Osvik et al. [1] | P+P | L1D | OpenSSL AES |
| Percival et al. [94] | P+P | L1D | OpenSSL RSA |
| Liu et al. [13] | P+P | LLC | GnuPG ElGamal |
| Neve et al. [96] | P+P | L1I | AES |
| Aciiçmez et al. [97] | P+P | L1I | OpenSSL RSA |
| Kayaalp et al. [98] | P+P | LLC | AES |
| Brasser et al. [99] | P+P | LLC | RSA |
| Schwarz et al. [100] | P+P | LLC | RSA |
| Gullasch et al. [11] | F+R | LLC | OpenSSL AES |
| Irazoqui et al. [101] | F+R | LLC | GnuPG RSA |
| Briongos et al. [12] | R+R▲ | LLC | OpenSSL AES/RSA |
| Jin et al. [45] | EFLAGS | Register | \ |
| Bhattacharyya et al. [4] | Port contention | Execution ports | OpenSSH |
| Yarom et al. [8] | F+R | LLC | GnuPG RSA |
| Van et al. [92] | F+R | LLC | ECDSA |
| Benger et al. [93] | F+R | LLC | ECDSA |
| Allan et al. [102] | F+R | LLC | OpenSSL AES |
| Zhang et al. [103] | F+R | LLC | User activity |
| Irazoqui et al. [104] | F+R | LLC | TLS/DTLS |
| Irazoqui et al. [105] | F+R | LLC | GnuPG ElGamal / OpenSSL AES |
| Gruss et al. [106] | F+R | LLC | Keystroke data |
| Lipp et al. [15] | E+R | LLC | AES |
| Yan et al. [54] | E+R | LLC | GnuPG RSA |
| Gruss et al. [14] | F+F | LLC | AES |
| Disselkoen et al. [16] | P+A▲ | LLC | OpenSSL AES |
| Schwarz et al. [21] | AVX channel | AVX unit | \ |
| Fustos et al. [5] | Divider channel | Floating-point unit | Browser data |
| Qiu et al. [6] | PMU channel | Performance monitoring unit | SGX |
| De Meulemeester et al. [7] | EM channel | (external equipment) | \ |

* "▲" marks a channel that has been studied but not yet used in a TEA. ** "\" marks work that is still at the proof-of-concept stage, with no practical application reported.

Table 2. Summary and Comparison of Covert Channel Characteristics

| Channel type | Channel* | Granularity** | ① | ② | ③ | ④ | ⑤ |
|---|---|---|---|---|---|---|---|
| Cache contention | E+T | S | - | √ | √ | - | √ |
| Cache contention | P+P | S | - | √ | √ | - | √ |
| Cache contention | E+R | S | - | √ | √ | - | √ |
| Data reuse | F+R | L | √ | √ | - | - | √ |
| Data reuse | F+F | L | √ | √ | - | - | √ |
| Non-cache | Port | B | - | √ | - | - | √ |
| Non-cache | Divider | B | - | √ | - | √ | √ |
| Non-cache | AVX | B | - | √ | - | - | √ |
| Non-cache | Register | B | - | √ | - | - | √ |
| Non-cache | PMU | V/B | - | - | - | - | - |
| Non-cache | EM | V | (requires external measurement equipment) | | | | - |

* Channels are abbreviated by initials, e.g. Prime+Probe is "P+P" and Flush+Reload is "F+R"; the same below. ** Granularity: cache set "S", cache line "L", bit "B", directly readable value "V". *** Characteristics: ① abuses the clflush instruction; ② abuses a timer; ③ evicts a large amount of cache in a short time; ④ relies on the divider; ⑤ needs time measurement.

Table 3. Summary of Related Research on TEAs Combined with the Attack Model

| Related work | Gadget form | SEW extension mode* | Channel |
|---|---|---|---|
| Meltdown [1] | explicit | Ⅰ | F+R |
| Spectre V1 [2] | explicit | Ⅰ/Ⅱ | F+R |
| Spectre V2 [2] | explicit | Ⅰ/Ⅱ | F+R |
| Foreshadow [17] | explicit | Ⅰ | F+R |
| Crosstalk [19] | explicit | Ⅰ/Ⅱ | F+R |
| Foreshadow-NG [20] | explicit | Ⅰ | F+R |
| NetSpectre-Cache [21] | explicit | Ⅰ | F+R |
| LazyFP [22] | explicit | Ⅰ | F+R |
| Downfall [23] | explicit | Ⅱ | F+R |
| RIDL [35] | explicit | Ⅰ | F+R |
| ZombieLoad [36] | explicit | Ⅰ | F+R |
| Fallout [37] | explicit | Ⅰ | F+R |
| Medusa [38] | explicit | Ⅰ | F+R |
| SGAxe [40] | explicit | Ⅰ/Ⅱ | F+R |
| CacheOut [43] | explicit | Ⅰ | F+R |
| LVI [44] | explicit | Ⅰ | F+R |
| SgxPectre [60] | explicit | Ⅰ/Ⅱ | F+R |
| ret2spec [62] | explicit | Ⅰ/Ⅱ | F+R |
| RetBleed [64] | explicit | Ⅰ/Ⅱ | F+R/P+P |
| Spectre RSB [67] | explicit | Ⅰ | F+R |
| Spectre V3r/z [72] | explicit | Ⅰ | F+R |
| Spectre V3a [77] | explicit | Ⅰ | F+R |
| Spectre BHI [84] | explicit | Ⅰ/Ⅱ | F+R/E+R |
| BHI-native [85] | explicit | Ⅰ/Ⅱ | F+R/E+R |
| Spectre V4 [91] | explicit | Ⅰ | F+R |
| SMoTherSpectre [4] | implicit | \ | Execution ports |
| SpectreRewind [5] | implicit | \ | Divider |
| NetSpectre-AVX [21] | implicit | \ | AVX |
| EFLAGS attack [45] | implicit | \ | Register |
| PMU-Spill [6] | explicit/implicit | \ | PMU |
| SpectrEM [7] | explicit/implicit | \ | EM emanations |

* TEAs that use a non-cache covert channel recover the secret immediately during transient execution, so their window extension mode is not discussed here.

Table 4. Summary of Research on Covert Channel Applicable Scenarios

| Channel | Same core | Cross core | Same process | Cross process | SMT | Kernel | Cross VM | TEE |
|---|---|---|---|---|---|---|---|---|
| Evict+Time [10] | √ | - | √ | √ | - | - | - | - |
| Prime+Probe [13] | √ | √ | √ | √ | - | - | - | - |
| Evict+Reload [15] | √ | √ | √ | √ | - | - | - | - |
| Flush+Reload [8] | √ | √ | √ | √ | √ | - | - | - |
| Flush+Flush [14] | √ | √ | √ | √ | - | - | - | - |
| Port contention [4] | √ | - | √ | - | √ | √ | - | - |
| Divider [5] | √ | - | √ | √ | √ | √ | - | - |
| AVX [21] | √ | - | √ | - | √ | - | - | |
| EFLAGS [45] | √ | - | √ | √ | - | √ | - | - |
| PMU [6] | √ | - | √ | √ | - | √ | - | √ |
| EM emanations [7] | √ | √ | √ | √ | √ | √ | - | - |

Columns: physical core (same core, cross core); operating system (same process, cross process, SMT, kernel); memory isolation (cross VM, TEE). "-" means the original publication does not explicitly state that scenario; a blank cell is a value not given in the table as extracted.

Table 5. Summary of Applicable Scenarios for TEAs

| Attack | Same core | Cross core | Same process | Cross process | SMT | Kernel | Cross VM | TEE |
|---|---|---|---|---|---|---|---|---|
| Meltdown [1] | √ | - | √ | √ | - | √ | - | - |
| LazyFP [22] | √ | - | √ | √ | - | √ | - | - |
| Spectre V1 [2] | √ | - | √ | √ | - | √ | - | - |
| Spectre V1.1 [82] | √ | - | √ | √ | - | √ | - | - |
| Spectre V1.2 [83] | √ | - | √ | √ | - | √ | - | - |
| Spectre V2 [2] | √ | - | √ | √ | - | √ | - | - |
| Spectre V3a [77] | √ | - | √ | √ | - | √ | - | - |
| Spectre V4 [91] | √ | - | √ | √ | - | √ | - | - |
| Spectre RSB [67] | √ | - | √ | √ | - | √ | - | √ |
| ret2spec [62] | √ | - | √ | √ | - | √ | - | |
| Snoopy [25] | √ | √ | √ | √ | √ | √ | √ | √ |
| RIDL-TAA [41] | √ | - | √ | √ | √ | - | √ | √ |
| CrossTalk [19] | √ | √ | √ | √ | √ | √ | √ | √ |
| EFLAGS attack [45] | √ | - | √ | √ | - | √ | - | - |
| SpectreRewind [5] | √ | - | √ | √ | √ | √ | - | - |
| PMU-Spill [6] | √ | - | √ | √ | - | √ | - | √ |
| VRS [42] | √ | - | √ | √ | √ | √ | √ | - |
| Foreshadow [17] | √ | - | - | √ | √ | - | - | √ |
| Foreshadow-OS [20] | √ | - | - | √ | √ | - | - | √ |
| Foreshadow-VMM [20] | √ | - | - | √ | √ | - | √ | √ |
| RIDL [35] | √ | - | √ | √ | √ | √ | √ | √ |
| ZombieLoad [36] | √ | - | √ | √ | √ | √ | √ | √ |
| Fallout [37] | √ | - | √ | √ | √ | √ | √ | √ |
| Medusa [38] | √ | - | √ | √ | √ | √ | √ | √ |
| LVI [44] | √ | - | √ | √ | √ | √ | √ | √ |
| CacheOut [43] | √ | - | √ | √ | √ | √ | √ | √ |
| SGAxe [40] | √ | - | √ | √ | √ | √ | √ | √ |
| SMoTherSpectre [4] | √ | - | √ | √ | √ | √ | - | - |
| Downfall [23] | √ | - | √ | √ | √ | √ | √ | √ |
| NetSpectre-cache [21] | √ | - | - | √ | - | √ | - | - |
| NetSpectre-AVX [21] | √ | - | - | √ | - | √ | - | - |
| SpectrEM [7] | √ | √ | √ | √ | - | √ | - | - |

Columns as in Table 4. "-" means the original publication does not explicitly state that scenario; a blank cell is a value not given in the table as extracted.
-
[1] Lipp M, Schwarz M, Gruss D, et al. Meltdown: Reading kernel memory from user space[C]//Proc of the 27th USENIX Conf on Security Symp. Berkeley, CA: USENIX Association, 2018: 18−33
[2] Kocher P, Horn J, Fogh A, et al. Spectre attacks: Exploiting speculative execution[C]//Proc of the 2019 IEEE Symp on Security and Privacy. Piscataway, NJ: IEEE, 2019: 1−19
[3] Szefer J. Survey of microarchitectural side and covert channels, attacks, and defenses[J]. Journal of Hardware and Systems Security, 2019, 3(3): 219−234 doi: 10.1007/s41635-018-0046-1
[4] Bhattacharyya A, Sandulescu A, Neugschwandtner M, et al. SMoTherSpectre: Exploiting speculative execution through port contention[C]//Proc of the 2019 ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2019: 785−800
[5] Fustos J, Bechtel M, Yun H. SpectreRewind: Leaking secrets to past instructions[C]//Proc of the 4th ACM Workshop on Attacks and Solutions in Hardware Security. New York: ACM, 2020: 117−126
[6] Qiu Pengfei, Gao Qiang, Liu Chang, et al. PMU-Spill: A new side channel for transient execution attacks[J]. IEEE Transactions on Circuits and Systems I: Regular Papers, 2023, 70(12): 5048−5059 doi: 10.1109/TCSI.2023.3298913
[7] De Meulemeester J, Purnal A, Wouters L, et al. SpectrEM: Exploiting electromagnetic emanations during transient execution[C]//Proc of the 32nd USENIX Conf on Security Symp. Berkeley, CA: USENIX Association, 2023: 6293−6310
[8] Yarom Y, Falkner K. Flush+Reload: A high resolution, low noise, L3 cache side-channel attack[C]//Proc of the 23rd USENIX Conf on Security Symp. Berkeley, CA: USENIX Association, 2014: 719−732
[9] Ristenpart T, Tromer E, Shacham H, et al. Hey, you, get off of my cloud: Exploring information leakage in third party compute clouds[C]//Proc of the 16th ACM Conf on Computer and Communications Security. New York: ACM, 2009: 199−212
[10] Osvik D A, Shamir A, Tromer E. Cache attacks and countermeasures: The case of AES[C]//Proc of the 2006 The Cryptographers’ Track at the RSA Conf on Topics in Cryptology. Berlin: Springer, 2006: 1−20
[11] Gullasch D, Bangerter E, Krenn S. Cache games bringing access based cache attacks on AES to practice[C]//Proc of the 2011 IEEE Symp on Security and Privacy. Piscataway, NJ: IEEE, 2011: 490−505
[12] Briongos S, Malagón P, Moya J M, et al. Reload+Refresh: Abusing cache replacement policies to perform stealthy cache attacks[C]//Proc of the 29th USENIX Conf on Security Symp. Berkeley, CA: USENIX Association, 2020: 1967−1984
[13] Liu Fangfei, Yarom Y, Ge Qian, et al. Last-level cache side-channel attacks are practical[C]//Proc of the 2015 IEEE Symp on Security and Privacy. Piscataway, NJ: IEEE, 2015: 605−622
[14] Gruss D, Maurice C, Wagner K, et al. Flush+Flush: A fast and stealthy cache attack[C]//Proc of the 13th Int Conf on Detection of Intrusions and Malware, and Vulnerability Assessment. Berlin: Springer, 2016: 279−299
[15] Lipp M, Gruss D, Spreitzer R, et al. ARMageddon: Cache attacks on mobile devices[C]//Proc of the 25th USENIX Conf on Security Symp. Berkeley, CA: USENIX Association, 2016: 549−564
[16] Disselkoen C, Kohlbrenner D, Porter L, et al. Prime+Abort: A timer-free high-precision L3 cache attack using Intel TSX[C]//Proc of the 26th USENIX Conf on Security Symp. Berkeley, CA: USENIX Association, 2017: 51−67
[17] Van Bulck J, Minkin M, Weisse O, et al. Foreshadow: Extracting the keys to the Intel SGX kingdom with transient out-of-order execution[C]//Proc of the 27th USENIX Conf on Security Symp. Berkeley, CA: USENIX Association, 2018: 991−1008
[18] Mukhtar M A, Bhatti M K, Gogniat G. Architectures for security: A comparative analysis of hardware security features in Intel SGX and ARM TrustZone[C]//Proc of the 2nd Int Conf on Communication, Computing and Digital systems. Piscataway, NJ: IEEE, 2019: 299−304
[19] Ragab H, Milburn A, Razavi K, et al. Crosstalk: Speculative data leaks across cores are real[C]//Proc of the 2021 IEEE Symp on Security and Privacy. Piscataway, NJ: IEEE, 2021: 1852−1867
[20] Weisse O, Van Bulck J, Minkin M, et al. Foreshadow-NG: Breaking the virtual memory abstraction with transient out-of-order execution [EB/OL]. 2018 [2023-11-29]. https://lirias.kuleuven.be/2089352
[21] Schwarz M, Schwarzl M, Lipp M, et al. NetSpectre: Read arbitrary memory over network[C]//Proc of the 24th European Symp on Research in Computer Security. Berlin: Springer, 2019: 279−299
[22] Stecklina J, Prescher T. LazyFP: Leaking FPU register state using microarchitectural side-channels[J]. arXiv preprint, arXiv: 1806.07480, 2018
[23] Moghimi D. Downfall: Exploiting speculative data gathering[C]//Proc of the 32nd USENIX Conf on Security Symp. Berkeley, CA: USENIX Association, 2023: 7179−7193
[24] Intel. Snoop assisted L1D sampling advisory [EB/OL]. (2021-05-11) [2023-11-29]. https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00330.html
[25] Intel. Snoop-assisted L1 data sampling [EB/OL]. (2020-3-10) [2023-11-29]. https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/snoop-assisted-l1-data-sampling.html
[26] Miao Xinliang, Jiang Liehui, Chang Rui. Survey of access-driven cache-based side channel attack[J]. Journal of Computer Research and Development, 2020, 57(4): 824−835 (in Chinese)
[27] Zhang Weijuan, Bai Lu, Ling Yuqing, et al. Cache side-channel attacks and defenses[J]. Journal of Computer Research and Development, 2023, 60(1): 206−222 (in Chinese)
[28] Wu Xiaohui, He Yeping, Ma Hengtai, et al. Microarchitectural transient execution attacks and defense methods[J]. Journal of Software, 2020, 31(2): 544−563 (in Chinese)
[29] Li Ye, Li Peinan, Zhao Lutan, et al. Overview of transient execution vulnerability attacks and defenses[J]. High Technology Communications, 2020, 30(8): 774−782 (in Chinese)
[30] Canella C, Van Bulck J, Schwarz M, et al. A systematic evaluation of transient execution attacks and defenses[C]//Proc of the 28th USENIX Conf on Security Symp. Berkeley, CA: USENIX Association, 2019: 249−266
[31] Ragab H, Barberis E, Bos H, et al. Rage against the machine clear: A systematic analysis of machine clears and their implications for transient execution attacks[C]//Proc of the 30th USENIX Conf on Security Symp. Berkeley, CA: USENIX Association, 2021: 1451−1468
[32] Xiong Wenjie, Szefer J. Survey of transient execution attacks and their mitigations[J]. ACM Computing Surveys, 2021, 54(3): 1−36
[33] Fiolhais L, Sousa L. Transient execution attacks: A computer architect perspective[J]. ACM Computing Surveys, 2023, 56(3): 1−38
[34] Intel. Intel 64 and IA-32 architectures optimization reference manual volume 1[EB/OL]. (2023-09-05) [2023-11-09]. https://www.intel.com/content/www/us/en/content-details/814198/intel-64-and-ia-32-architectures-optimization-reference-manual-volume-1.html
[35] Van Schaik S, Milburn A, Österlund S, et al. RIDL: Rogue in-flight data load[C]//Proc of the 2019 IEEE Symp on Security and Privacy. Piscataway, NJ: IEEE, 2019: 88−105
[36] Schwarz M, Lipp M, Moghimi D, et al. ZombieLoad: Cross-privilege-boundary data sampling[C]//Proc of the 2019 ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2019: 753−768
[37] Canella C, Genkin D, Giner L, et al. Fallout: Leaking data on Meltdown-resistant CPUs[C]//Proc of the 2019 ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2019: 769−784
[38] Moghimi D, Lipp M, Sunar B, et al. Medusa: Microarchitectural data leakage via automated attack synthesis[C]//Proc of the 29th USENIX Conf on Security Symp. Berkeley, CA: USENIX Association, 2020: 1427−1444
[39] Borrello P, Kogler A, Schwarzl M, et al. ÆPIC leak: Architecturally leaking uninitialized data from the microarchitecture[C]//Proc of the 31st USENIX Conf on Security Symp. Berkeley, CA: USENIX Association, 2022: 3917−3934
[40] Van Schaik S, Kwong A, Genkin D, et al. SGAxe: How SGX fails in practice [EB/OL]. 2020[2024-01-01]. https://sgaxe.com/files/SGAxe.pdf
[41] VUSec Group. Addendum 1 to RIDL: Rogue In-flight data load, RIDL variant as the TSX asynchronous abort [EB/OL]. (2019-11-12)[2024-01-01]. https://mdsattacks.com/files/ridl-addendum.pdf
[42] VUSec Group. Addendum 2 to RIDL: Rogue in-flight data load, vector register sampling [EB/OL]. (2020-01-27)[2023-12-28]. https://mdsattacks.com/files/ridl-addendum2.pdf
[43] Van Schaik S, Minkin M, Kwong A, et al. CacheOut: Leaking data on Intel CPUs via cache evictions[C]//Proc of the 2021 IEEE Symp on Security and Privacy. Piscataway, NJ: IEEE, 2021: 339−354
[44] Van Bulck J, Moghimi D, Schwarz M, et al. LVI: Hijacking transient execution through microarchitectural load value injection[C]//Proc of the 2020 IEEE Symp on Security and Privacy. Piscataway, NJ: IEEE, 2020: 54−72
[45] Jin Yu, Qiu Pengfei, Wang Chunlu, et al. Timing the transient execution: A new side-channel attack on Intel CPUs [J]. arXiv preprint, arXiv: 2304.10877, 2023
[46] Šilc J, Robic B, Ungerer T. Processor Architecture: From Dataflow to Superscalar and Beyond[M]. Berlin: Springer, 1999
[47] Shen J P, Lipasti M H. Modern Processor Design: Fundamentals of Superscalar Processors[M]. Long Grove, Illinois: Waveland Press, 2013
[48] Tomasulo R M. An efficient algorithm for exploiting multiple arithmetic units[J]. IBM Journal of Research and Development, 1967, 11(1): 25−33 doi: 10.1147/rd.111.0025
[49] González J, González A. Speculative execution via address prediction and data prefetching[C]//Proc of the 11th Int Conf on Supercomputing. New York: ACM, 1997: 196−203
[50] Denning P J. The working set model for program behavior[J]. Communications of the ACM, 1968, 11(5): 323−333 doi: 10.1145/363095.363141
[51] Nagarajan V. A Primer on Memory Consistency and Cache Coherence[M]. Berlin: Springer Nature, 2022
[52] Papamarcos M S, Patel J H. A low-overhead coherence solution for multiprocessors with private cache memories[C]//Proc of the 11th Annual Int Symp on Computer Architecture. New York: ACM, 1984: 348−354
[53] Zahran M, Albayraktaroglu K, Franklin M. Non-inclusion property in multi-level caches revisited[J]. International Journal of Computers and Their Applications, 2007, 14(2): 99−108
[54] Yan Mengjia, Sprabery R, Gopireddy B, et al. Attack directories, not caches: Side channel attacks in a non-inclusive world[C]//Proc of the 2019 IEEE Symp on Security and Privacy. Piscataway, NJ: IEEE, 2019: 888−904
[55] Guo Shengjia, Chen Yueqi, Li Peng, et al. SpecuSym: Speculative symbolic execution for cache timing leak detection[C]//Proc of the 42nd ACM/IEEE Int Conf on Software Engineering. Piscataway, NJ: IEEE, 2020: 1235−1247
[56] Oleksenko O, Trach B, Silberstein M, et al. SpecFuzz: Bringing Spectre-type vulnerabilities to the surface[C]//Proc of the 29th USENIX Conf on Security Symp. Berkeley, CA: USENIX Association, 2020: 1481−1498
[57] Qi Zhenxiao, Feng Qian, Cheng Yueqiang, et al. SpecTaint: Speculative taint analysis for discovering Spectre gadgets[C]//Proc of the 2021 Symp on Network and Distributed System Security. Piscataway, NJ: IEEE, 2021: 841−855
[58] Wampler J, Martiny I, Wustrow E. ExSpectre: Hiding malware in speculative execution[C]//Proc of the 2019 Symp on Network and Distributed System Security. Piscataway, NJ: IEEE, 2019: 316−330
[59] Tobah Y, Kwong A, Kang I, et al. SpecHammer: Combining Spectre and Rowhammer for new speculative attacks[C]//Proc of the 2022 IEEE Symp on Security and Privacy. Piscataway, NJ: IEEE, 2022: 681−698
[60] Chen Guoxing, Chen Sanchuan, Xiao Yuan, et al. SgxPectre: Stealing Intel secrets from SGX enclaves via speculative execution[C]//Proc of the 2019 IEEE European Symp on Security and Privacy. Piscataway, NJ: IEEE, 2019: 142−157
[61] Trujillo D, Wikner J, Razavi K. Inception: Exposing new attack surfaces with training in transient execution[C]//Proc of the 32nd USENIX Conf on Security Symp. Berkeley, CA: USENIX Association, 2023: 7303−7320
[62] Maisuradze G, Rossow C. ret2spec: Speculative execution using return stack buffers[C]//Proc of the 2018 ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2018: 2109−2122
[63] Maisuradze G, Backes M, Rossow C. Dachshund: Digging for and securing against (non-) blinded constants in JIT code[C]//Proc of the 2017 Symp on Network and Distributed System Security. Piscataway, NJ: IEEE, 2017: 200−215
[64] Wikner J, Razavi K. Retbleed: Arbitrary speculative code execution with return instructions[C]//Proc of the 31st USENIX Conf on Security Symp. Berkeley, CA: USENIX Association, 2022: 3825−3842
[65] COMSEC Computer Security Group. Retbleed: Arbitrary speculative code execution with return instructions[EB/OL]. 2022[2023-12-30]. https://comsec.ethz.ch/research/microarch/retbleed
[66] Chowdhuryy M H I, Yao Fan. Leaking secrets through modern branch predictors in the speculative world[J]. IEEE Transactions on Computers, 2022, 71(9): 2059−2072
[67] Koruyeh E M, Khasawneh K N, Song C, et al. Spectre returns! Speculation attacks using the return stack buffer[C/OL] //Proc of the 12th USENIX Conf on Offensive Technologies. Berkeley, CA: USENIX Association, 2018[2024-02-13]. https://www.usenix.org/system/files/conference/woot18/woot18-paper-koruyeh.pdf
[68] Bhattacharyya A, Sánchez A, Koruyeh E M, et al. SpecROP: Speculative exploitation of ROP chains[C]//Proc of the 23rd Int Symp on Research in Attacks, Intrusions and Defenses. Berkeley, CA: USENIX Association, 2020: 1−16
[69] Bernstein D J. Cache-timing attacks on AES [EB/OL]. 2005[2023-12-29]. https://mimoza.marmara.edu.tr/~msakalli/cse466_09/cache timing-20050414.pdf
[70] Intel Corp. Intel architecture instruction set extensions programming reference [EB/OL]. 2023[2023-11-25]. https://cdrdv2.intel.com/v1/dl/getContent/671368
[71] Hammarlund P, Martinez A J, Bajwa A A, et al. Haswell: The fourth-generation intel core processor[J]. IEEE Micro, 2014, 34(2): 6−20 doi: 10.1109/MM.2014.10
[72] Baidu Security. Meltdown V3c & V3r [EB/OL]. (2018-03-07)[2023-11-25]. https://anquan.baidu.com/article/143
[73] Müller L. KPTI: A mitigation method against Meltdown[C/OL]//Proc of the 4th Wiesbaden Workshop on Advanced Microkernel Operating Systems. 2018[2024-02-13]. https://www.cs.hs-rm.de/~kaiser/events/wamos2018/wamos18-proceedings.pdf#page=43
[74] State Key Laboratory of Computer Architecture. Meltdown V3z and its mitigation [EB/OL]. (2019-03-26)[2023-11-25]. http://www.carch.ac.cn/hzjl/xshd/201906/t20190628_497154.html
[75] Intel Corp. Speculative behavior of SWAPGS and segment registers [EB/OL]. (2019-08-06)[2023-12-21]. https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/speculative-behavior-swapgs-and-segment-registers.html
[76] Luțaș A, Luțaș D. Bypassing KPTI using the speculative behavior of the SWAPGS instruction [EB/OL]. 2019[2023-12-25]. https://i.blackhat.com/eu-19/Thursday/eu-19-Lutas-Bypassing-KPTI-Using-The-Speculative-Behavior-Of-The-SWAPGS-Instruction-wp.pdf
[77] The MITRE Corporation. CVE-2018-3640: Rogue system register read (variant 3a) [EB/OL]. (2020-06-05)[2023-12-25]. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3640
[78] Zheng Wei, Wu Ying, Wu Xiaoxue, et al. A survey of Intel SGX and its applications[J]. Frontiers of Computer Science, 2021, 15(1): 1−15
[79] Smith J E. A study of branch prediction strategies[C]//Proc of the 25th Annual Int Symp on Computer Architecture. New York: ACM, 1998: 202−215
[80] O’Keeffe D, Muthukumaran D, Aublin P L, et al. Spectre attack against SGX enclave [EB/OL]. 2018[2023-12-25]. https://github.com/lsds/spectre-attack-sgx
[81] Kim Y, Daly R, Kim J, et al. Flipping bits in memory without accessing them: An experimental study of DRAM disturbance errors[J]. ACM SIGARCH Computer Architecture News, 2014, 42(3): 361−372 doi: 10.1145/2678373.2665726
[82] Kiriansky V, Waldspurger C. Speculative buffer overflows: Attacks and defenses[J]. arXiv preprint, arXiv: 1807.03757, 2018
[83] Sternberger M. Spectre-NG: An avalanche of attacks[C/OL]//Proc of the 4th Wiesbaden Workshop on Advanced Microkernel Operating Systems. 2018[2024-02-23]. https://www.cs.hs-rm.de/~kaiser/events/wamos2018/wamos18-proceedings.pdf#page=23
[84] Barberis E, Frigo P, Muench M, et al. Branch history injection: On the effectiveness of hardware mitigations against cross-privilege Spectre-v2 attacks[C] //Proc of the 31st USENIX Conf on Security Symp. Berkeley, CA: USENIX Association, 2022: 971−988
[85] Wiebing S, de Faveri Tron A, Bos H, et al. InSpectre Gadget: Inspecting the residual attack surface of cross-privilege Spectre v2[C/OL]//Proc of the 33rd USENIX Conf on Security Symp. Berkeley, CA: USENIX Association, 2024[2024-07-25]. https://download.vusec.net/papers/inspectre_sec24.pdf
[86] Bletsch T, Jiang X, Freeh V W, et al. Jump-oriented programming: A new class of code-reuse attack[C]//Proc of the 6th ACM Symp on Information, Computer and Communications Security. New York: ACM, 2011: 30−40
[87] Shacham H. The geometry of innocent flesh on the bone: Return-into-libc without function calls on the x86[C]//Proc of the 14th ACM Conf on Computer and Communications Security. New York: ACM, 2007: 552−561
[88] AMD Corp. Software techniques for managing speculation on AMD processors, revision 5.09.23 [EB/OL]. (2023-05-09)[2024-01-16]. https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/tuning-guides/software-techniques-for-managing-speculation.pdf
[89] Intel Corp. Speculative execution side channel mitigations [EB/OL]. (2021-05-26)[2024-01-16]. https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/speculative-execution-side-channel-mitigations.html
[90] Huang A S, Slavenburg G, Shen J P. Speculative disambiguation: A compilation technique for dynamic memory disambiguation[J]. ACM SIGARCH Computer Architecture News, 1994, 22(2): 200−210 doi: 10.1145/192007.192012
[91] Intel Corp. Speculative store bypass [EB/OL]. (2018-05-21)[2023-12-30]. https://www.intel.cn/content/www/cn/zh/developer/articles/technical/software-security-guidance/advisory-guidance/speculative-store-bypass.html
[92] Van de Pol J, Smart N P, Yarom Y. Just a little bit more[C]//Proc of the 2015 Cryptographers’ Track at the RSA Conf on Topics in Cryptology. Berlin: Springer, 2015: 3−21
[93] Benger N, Van de Pol J, Smart N P, et al. “Ooh Aah... Just a little bit”: A small amount of side channel can go a long way[C]//Proc of the 16th Int Workshop on Cryptographic Hardware and Embedded Systems. Berlin: Springer, 2014: 75−92
[94] Percival C. Cache missing for fun and profit [EB/OL]. 2005[2023-12-29]. https://css.csail.mit.edu/6.858/2014/readings/ht-cache.pdf
[95] Hund R, Willems C, Holz T. Practical timing side channel attacks against kernel space ASLR[C]//Proc of the 2013 IEEE Symp on Security and Privacy. Piscataway, NJ: IEEE, 2013: 191−205
[96] Neve M, Seifert J P. Advances on access-driven cache attacks on AES[C]//Proc of the 13th Int Workshop on Selected Areas in Cryptography. Berlin: Springer, 2007: 147−162
[97] Aciiçmez O. Yet another microarchitectural attack: Exploiting I-cache[C]//Proc of the 2007 ACM Workshop on Computer Security Architecture. New York: ACM, 2007: 11−18
[98] Kayaalp M, Abu-Ghazaleh N, Ponomarev D, et al. A high-resolution side-channel attack on last-level cache[C/OL]//Proc of the 53rd Annual Design Automation Conf. New York: ACM, 2016[2024-02-16]. https://doi.org/10.1145/2897937.2897962
[99] Brasser F, Müller U, Dmitrienko A, et al. Software grand exposure: SGX cache attacks are practical[C]//Proc of the 11th USENIX Conf on Offensive Technologies. Berkeley, CA: USENIX Association, 2017
[100] Schwarz M, Weiser S, Gruss D, et al. Malware guard extension: Using SGX to conceal cache attacks[C]//Proc of the 14th Int Conf on Detection of Intrusions and Malware, and Vulnerability Assessment. Berlin: Springer, 2017: 3−24
[101] Irazoqui G, Inci M S, Eisenbarth T, et al. Wait a minute! A fast, cross-VM attack on AES[C]//Proc of the 17th Int Symp on Research in Attacks, Intrusions and Defenses. Berkeley, CA: USENIX Association, 2014: 299−319
[102] Allan T, Brumley B B, Falkner K, et al. Amplifying side channels through performance degradation[C]//Proc of the 32nd Annual Conf on Computer Security Applications. New York: ACM, 2016: 422−435
[103] Zhang Yinqian, Juels A, Reiter M K, et al. Cross-tenant side-channel attacks in PaaS clouds[C]//Proc of the 2014 ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2014: 990−1003
[104] Irazoqui G, Inci M S, Eisenbarth T, et al. Lucky 13 strikes back[C]//Proc of the 10th ACM Symp on Information, Computer and Communications Security. New York: ACM, 2015: 85−96
[105] Irazoqui G, Eisenbarth T, Sunar B. Cross processor cache attacks[C]//Proc of the 11th ACM on Asia Conf on Computer and Communications Security. New York: ACM, 2016: 353−364
[106] Gruss D, Spreitzer R, Mangard S. Cache template attacks: Automating attacks on inclusive last-level caches[C]//Proc of the 24th USENIX Conf on Security Symp. Berkeley, CA: USENIX Association, 2015: 897−912
[107] Depoix J, Altmeyer P. Detecting Spectre attacks by identifying cache side-channel attacks using machine learning[C/OL]//Proc of the 4th Wiesbaden Workshop on Advanced Microkernel Operating Systems. 2018[2024-01-23]. https://www.betriebssysteme.org/wp-content/uploads/2018/10/WAMOS_2018_paper_12.pdf
[108] Ahmad B A. Real-time detection of Spectre and Meltdown attacks using machine learning[J]. arXiv preprint, arXiv: 2006.01442, 2020
[109] Panda B. Fooling the sense of cross-core last-level cache eviction based attacker by prefetching common sense[C]//Proc of the 28th Int Conf on Parallel Architectures and Compilation Techniques. New York: ACM, 2019: 138−150
[110] Almeida J B, Barbosa M, Barthe G, et al. Verifying constant-time implementations[C]//Proc of the 25th USENIX Conf on Security Symp. Berkeley, CA: USENIX Association, 2016: 53−70
[111] Lee S, Shih M W, Gera P, et al. Inferring fine-grained control flow inside SGX enclaves with branch shadowing[C]//Proc of the 26th USENIX Conf on Security Symp. Berkeley, CA: USENIX Association, 2017: 557−574
[112] Van Bulck J, Piessens F, Strackx R. SGX-Step: A practical attack framework for precise enclave execution control[C/OL]//Proc of the 2nd Workshop on System Software for Trusted Execution. New York: ACM, 2017[2024-02-14]. https://doi.org/10.1145/3152701.3152706
[113] Intel Corp. Intel feature documentation: Indirect branch restricted speculation [EB/OL]. (2018-01-03)[2024-01-15]. https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/indirect-branch-restricted-speculation.html
[114] Intel Corp. Intel feature documentation: Single thread indirect branch predictors [EB/OL]. (2018-01-03)[2024-01-15]. https://www.intel.cn/content/www/cn/zh/developer/articles/technical/software-security-guidance/technical-documentation/single-thread-indirect-branch-predictors.html
[115] Intel Corp. Intel feature documentation: Indirect branch predictor barrier [EB/OL]. (2018-01-03)[2024-01-15]. https://www.intel.cn/content/www/cn/zh/developer/articles/technical/software-security-guidance/technical-documentation/indirect-branch-predictor-barrier.html
[116] Weber D, Thomas F, Gerlach L, et al. Indirect Meltdown: Building novel side-channel attacks from transient-execution attacks[C]//Proc of the 28th European Symp on Research in Computer Security. Berlin: Springer Nature, 2023: 22−42
[117] Gruss D, Lipp M, Schwarz M, et al. KASLR is dead: Long live KASLR[C]//Proc of the 9th Int Symp on Engineering Secure Software and Systems. Berlin: Springer, 2017: 161−176
[118] Corbet J. A page-table isolation update [EB/OL]. (2018-04-25)[2024-02-21]. https://lwn.net/Articles/752621/
[119] Hertogh M, Wiesinger M, Osterlund S, et al. Quarantine: Mitigating transient execution attacks with physical domain isolation[C]//Proc of the 26th Int Symp on Research in Attacks, Intrusions and Defenses. New York: ACM, 2023: 207−221
[120] Zeller A, Gopinath R, Böhme M, et al. The fuzzing book [EB/OL]. 2019[2024-02-15]. https://publications.cispa.saarland/3120/1/index.html
[121] Hur J, Song S, Kim S, et al. SpecDoctor: Differential fuzz testing to find transient execution vulnerabilities[C]//Proc of the 2022 ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2022: 1473−1487
[122] Guarnieri M, Köpf B, Morales J F, et al. Spectector: Principled detection of speculative information flows[C]//Proc of the 2020 IEEE Symp on Security and Privacy. Piscataway, NJ: IEEE, 2020: 1−19
[123] Oleksenko O, Guarnieri M, Köpf B, et al. Hide and seek with Spectres: Efficient discovery of speculative information leaks with random testing[C]//Proc of the 2023 IEEE Symp on Security and Privacy. Piscataway, NJ: IEEE, 2023: 1737−1752
[124] Wang Guanhua, Chattopadhyay S, Gotovchits I, et al. oo7: Low-overhead defense against Spectre attacks via program analysis[J]. IEEE Transactions on Software Engineering, 2021, 47(11): 2504−2519
[125] Johannesmeyer B, Koschel J, Razavi K, et al. Kasper: Scanning for generalized transient execution gadgets in the Linux kernel[C/OL]//Proc of the 2022 Network and Distributed System Security Symp. Piscataway, NJ: IEEE, 2022[2024-02-16]. https://www.ndss-symposium.org/ndss-paper/auto-draft-247
[126] Chen Yun, Hajiabadi A, Carlson T E. GadgetSpinner: A new transient execution primitive using the loop stream detector[C]//Proc of the 2024 IEEE Int Symp on High-Performance Computer Architecture. Piscataway, NJ: IEEE, 2024: 15−30
[127] Pinto S, Santos N. Demystifying Arm TrustZone: A comprehensive survey[J]. ACM Computing Surveys, 2019, 51(6): 1−36
[128] AMD Corp. AMD secure encrypted virtualization (SEV) [EB/OL]. 2023[2024-01-25]. https://www.amd.com/zh-cn/developer/sev.html
[129] RISC-V International. The RISC-V instruction set manual, volume II: Privileged architecture, version 1.10 [EB/OL]. (2017-05-07)[2024-01-25]. https://riscv.org/wp-content/uploads/2017/05/riscv-privileged-v1.10.pdf
[130] Hetterich L, Schwarz M. Branch different: Spectre attacks on Apple Silicon[C]//Proc of the 19th Int Conf on Detection of Intrusions and Malware, and Vulnerability Assessment. Berlin: Springer, 2022: 116−135
[131] Wu Minjun, McCamant S, Yew P C, et al. PREDATOR: A cache side-channel attack detector based on precise event monitoring[C]//Proc of the 2022 IEEE Int Symp on Secure and Private Execution Environment Design. Piscataway, NJ: IEEE, 2022: 25−36
[132] Townley D, Arıkan K, Liu Y D, et al. Composable cachelets: Protecting enclaves from cache side-channel attacks[C]//Proc of the 31st USENIX Conf on Security Symp. Berkeley, CA: USENIX Association, 2022: 2839−2856
[133] Yan Hui, Cui Chaoyuan. CacheHawkeye: Detecting cache side channel attacks based on memory events[J]. Future Internet, 2022, 14(1): 24−36 doi: 10.3390/fi14010024
[134] Luo Mulong, Xiong Wenjie, Lee G, et al. AutoCAT: Reinforcement learning for automated exploration of cache-timing attacks[C]//Proc of the 2023 IEEE Int Symp on High-Performance Computer Architecture. Piscataway, NJ: IEEE, 2023: 317−332
[135] Evers M, Barnes L, Clark M. The AMD next-generation “Zen 3” core[J]. IEEE Micro, 2022, 42(3): 7−12 doi: 10.1109/MM.2022.3152788
[136] Purnal A, Turan F, Verbauwhede I. Double trouble: Combined heterogeneous attacks on non-inclusive cache hierarchies[C]//Proc of the 31st USENIX Conf on Security Symp. Berkeley, CA: USENIX Association, 2022: 3647−3664
[137] Popescu M C, Balas V E, Perescu-Popescu L, et al. Multilayer perceptron and neural networks[J]. WSEAS Transactions on Circuits and Systems, 2009, 8(7): 579−588
[138] Sönmez B, Sarıkaya A A, Bahtiyar Ş. Machine learning based side channel selection for time-driven cache attacks on AES[C/OL]//Proc of the 4th Int Conf on Computer Science and Engineering. Piscataway, NJ: IEEE, 2019[2024-02-17]. https://doi.org/10.1109/UBMK.2019.8907211
[139] Ding Ruyi, Zhang Ziyue, Zhang Xiang, et al. A cross-platform cache timing attack framework via deep learning[C]//Proc of the 2022 Design, Automation & Test in Europe Conf & Exhibition. Piscataway, NJ: IEEE, 2022: 676−681
[140] Tol M C, Gulmezoglu B, Yurtseven K, et al. FastSpec: Scalable generation and detection of Spectre gadgets using neural embeddings[C]//Proc of the 2021 IEEE European Symp on Security and Privacy. Piscataway, NJ: IEEE, 2021: 616−632
[141] Zhang Quanjun, Fang Chunrong, Yu Bowen, et al. Pre-trained model-based automated software vulnerability repair: How far are we?[J]. IEEE Transactions on Dependable and Secure Computing, 2024, 21(4): 2507−2525 doi: 10.1109/TDSC.2023.3308897
[142] Fustos J, Farshchi F, Yun H. SpectreGuard: An efficient data-centric defense mechanism against Spectre attacks[C/OL]//Proc of the 56th Annual Design Automation Conf. New York: ACM, 2019[2024-02-11]. https://dl.acm.org/doi/pdf/10.1145/3316781.3317914
[143] Loughlin K, Neal I, Ma Jiacheng, et al. DOLMA: Securing speculation with the principle of transient non-observability[C]//Proc of the 30th USENIX Conf on Security Symp. Berkeley, CA: USENIX Association, 2021: 1397−1414
[144] Werner M, Unterluggauer T, Giner L, et al. ScatterCache: Thwarting cache attacks via cache set randomization[C]//Proc of the 28th USENIX Conf on Security Symp. Berkeley, CA: USENIX Association, 2019: 675−692
[145] Bandara S, Kinsy M A. Adaptive caches as a defense mechanism against cache side-channel attacks[C]//Proc of the 3rd ACM Workshop on Attacks and Solutions in Hardware Security Workshop. New York: ACM, 2019: 55−64
[146] García C P, Brumley B B. Constant-time callees with variable-time callers[C]//Proc of the 26th USENIX Conf on Security Symp. Berkeley, CA: USENIX Association, 2017: 83−98
[147] Qiu Pengfei, Gao Qiang, Wang Dongsheng, et al. PMU-Leaker: Performance monitor unit-based realization of cache side-channel attacks[C]//Proc of the 28th Asia and South Pacific Design Automation Conf. New York: ACM, 2023: 664−669