Abstract
The Spectre attacks in modern processors have been inherently conveyed in the major Docker clients. The speculative execution mechanism in a processor can be maliciously used to access unauthorized content of other users, where the processor is the same for all the tenants. Instructions and code that completed execution and remained in the micro-architecture as cache could be accessed by the attacker through cache-side channel attacks. In this paper, we propose an automated solution to detect susceptible code snippets in the binary program and implement a patch to avoid further attacks. The proposed methodology extracts control flow, address analysis and taint analysis to detect the conditional branches that maliciously access memory speculatively. We have used the Kocher tests, which are a set of susceptible code patterns to generate malicious snippets. In a nutshell, the proposed system implements fences around suspicious conditional branches that stop speculative execution in the processor. Moreover, our evaluation also considers runtime overhead, analysis time, and effectiveness.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
