Arxiv:2006.14147V2 [Cs.CR] 26 Mar 2021

Arxiv:2006.14147V2 [Cs.CR] 26 Mar 2021

FastSpec: Scalable Generation and Detection of Spectre Gadgets Using Neural Embeddings M. Caner Tol Berk Gulmezoglu Koray Yurtseven Berk Sunar Worcester Polytechnic Institute Iowa State University Worcester Polytechnic Institute Worcester Polytechnic Institute [email protected] [email protected] [email protected] [email protected] Abstract—Several techniques have been proposed to detect [4] are implemented against the SGX environment and vulnerable Spectre gadgets in widely deployed commercial even remotely over the network [5]. These attacks show software. Unfortunately, detection techniques proposed so the applicability of Spectre attacks in the wild. far rely on hand-written rules which fall short in covering Unfortunately, chip vendors try to patch the leakages subtle variations of known Spectre gadgets as well as demand one-by-one with microcode updates rather than fixing a huge amount of time to analyze each conditional branch the flaws by changing their hardware designs. Therefore, in software. Moreover, detection tool evaluations are based developers rely on automated malware analysis tools to only on a handful of these gadgets, as it requires arduous eliminate mistakenly placed Spectre gadgets in their pro- effort to craft new gadgets manually. grams. The proposed detection tools mostly implement In this work, we employ both fuzzing and deep learning taint analysis [6] and symbolic execution [7], [8] to iden- techniques to automate the generation and detection of tify potential gadgets in benign applications. However, Spectre gadgets. We first create a diverse set of Spectre-V1 the methods proposed so far are associated with two gadgets by introducing perturbations to the known gadgets. shortcomings: (1) the low number of Spectre gadgets Using mutational fuzzing, we produce a data set with more prevents the comprehensive evaluation of the tools, (2) than 1 million Spectre-V1 gadgets which is the largest time consumption exponentially increases when the binary Spectre gadget data set built to date. Next, we conduct files become larger. Thus, there is a need for a robust and the first empirical usability study of Generative Adversarial fast analysis tool that can automatically discover potential Networks (GANs) in the context of assembly code generation Spectre gadgets in large-scale commercial software. Natural Language Processing (NLP) techniques are without any human interaction. We introduce SpectreGAN applied to automate challenging natural language and text which leverages masking implementation of GANs for both processing tasks [9]. Later, NLP techniques have been learning the gadget structures and generating new gadgets. used in the security domain, such as network traffic [10] This provides the first scalable solution to extend the variety and vulnerability analysis [11]. Such applications leverage of Spectre gadgets. word [12] or paragraph [13] embedding techniques to Finally, we propose FastSpec which builds a classifier learn the vector representations of the text. The success with the generated Spectre gadgets based on a novel high of these techniques heavily depends on the large data dimensional Neural Embeddings technique (BERT). For sets, which ease training scalable and robust NLP models. the case studies, we demonstrate that FastSpec discovers However, for Spectre, for instance, the number of available potential gadgets with a high success rate in OpenSSL gadgets is only 15, making it crucial to create new Spectre libraries and Phoronix benchmarks. Further, FastSpec offers gadgets before building an NLP-based detection tool. much greater flexibility and time-related performance gain Generative Adversarial Networks (GANs) [14] are a compared to the existing tools and therefore can be used for type of generative models, which aim to produce new gadget detection in large-scale software. examples by learning the distribution of training instances Index Terms—Spectre, Generative Adversarial Networks, in an adversarial setting. Since adversarial learning makes arXiv:2006.14147v2 [cs.CR] 26 Mar 2021 Neural Embeddings, Vulnerability Analysis GANs more robust and applicable in real-world scenarios, GANs have become quite popular in recent years with 1. Introduction applications ranging from generating images [15], [16] to text-to-image translation [17], etc. While the early applica- The new era of microarchitectural attacks began with tions of GANs focused on computer vision, implementing newly discovered Spectre [1] and Meltdown [2] attacks, the same techniques in NLP tasks poses a challenge due which may be exploited to exfiltrate confidential infor- to the lack of continuous space in the text. Various math- mation through microarchitectural channels during spec- ematical GAN-based techniques have been proposed to ulative and out-of-order executions. The Spectre attacks achieve better success in generating human-like sentences target vulnerable code patterns called gadgets, which leak to overcome this obstacle [18], [19]. However, it is information during speculatively executed instructions. still unclear whether GANs can be implemented in the While the initial variants of Spectre [1] exploit conditional context of computer security to create application-specific and indirect branches, Koruyeh et al. [3] propose another code snippets. Additionally, each computer language has Spectre variant by poisoning the entries in Return-Stack- a different structure, semantics, and other features that Buffers (RSBs). Moreover, new Spectre-type attacks [3], make it more difficult to generate meaningful snippets for a specific application. SpectreGAN generation techniques in Section 4. A new Neural vector embeddings [12], [13] used to obtain Transformer-based detection tool, namely, FastSpec is pro- the vector representations of words have proven extremely posed in Section 5. Finally, we conclude the paper with useful in NLP applications. Such embedding techniques discussions and limitations in Section 6 and conclusion also enable one to perform vector operations in high di- in Section 7. mensional space while preserving the meaningful relations between similar words. Typically, supervised techniques 2. Background apply word embedding tools as an initial step to obtain the vector embedding of each token and then build a su- 2.1. Transient Execution Attacks pervised model on top. For instance, BERT [20] was pro- posed by the Google AI team, which learns the relations In order to keep the pipeline occupied at all times, between different words in a sentence by applying a self- modern CPUs have sophisticated microarchitectural op- attention mechanism [21]. BERT has exhibited superior timizations to predict the control flow and data depen- performance compared to previous techniques [22], [23] dencies, where some instructions can be executed ahead when combined with bi-directional learning. Furthermore, of time in the transient domain. However, the control- the attention mechanism improves GPU utilization while flow predictions are not 100% accurate, causing them learning long sequences more efficiently. Recently, BERT- to execute some instructions wrongly. These instructions like architectures are shown to be capable of modeling cause pipeline flush once they are detected, and their high-level programming languages [24], [25]. However, it results are never committed. Interestingly, microarchitec- is still unclear whether it will be effective to model a low- tural optimizations make it possible to leak secrets. The level programming language, such as Assembly language, critical period before the flush is commonly referred to as and help build more robust malware detection tools, which the transient domain. is the goal of this paper. There are two classes of attacks in the transient do- Our Contributions Our contributions are twofold. main [27]. The first one is called Meltdown-type at- First, we increase the diversity of Spectre gadgets with tacks [2], [28]–[32] which exploit delayed permission the mutational fuzzing technique. We start with 15 exam- checks and lazy pipeline flush in the re-order buffer. The ples [26] and produce 1 million gadgets by introducing other class is Spectre-type attacks [1], [3], [33]–[35] that various instructions and operands to the existing gadgets. exploit the speculative execution. As most Meltdown- Then, we propose a GAN-based tool, namely, Spectre- type attacks are fixed in latest microarchitectures and GAN, which learns the distribution of 1 million Spectre Spectre-type attacks are still applicable to a wide range gadgets to generate new gadgets with high accuracy. The of targets [27], i.e., Intel, AMD, and ARM CPUs, we generated gadgets are evaluated from both semantic and focus on Spectre-V1 attacks in this study. microarchitectural aspects to verify their diversity and Some researchers proposed new designs requiring a quality. Furthermore, we introduce novel gadgets that are change in the silicon level [36], [37] while others pro- not detected by state-of-the-art detection tools. posed software solutions to mitigate transient execution In the second part, we introduce FastSpec, a high attacks [38], [39]. Although these mitigations are effective dimensional neural embedding based detection technique against Spectre-type attacks, most of them are not used derived from BERT, to obtain a highly accurate and fast because of the drastic performance degradation [40]or the classifier for Spectre gadgets. We train FastSpec with lack of support in the current hardware. Hence, Spectre- generated gadgets and achieve a

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    17 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us