
Computer Engineering and Applications ›› 2025, Vol. 61 ›› Issue (2): 37-58. DOI: 10.3778/j.issn.1002-8331.2407-0066
LI Yang, GAO Fei, MA Ziqiang, MIAO Li
Online: 2025-01-15
Published: 2025-01-15
Abstract: Transient execution attacks exploit implementation characteristics of the processor microarchitecture to steal secrets and leak secret-dependent information through cache side channels, posing a serious threat to the information security of modern commercial processors. As research on these attacks has deepened, their defense methods have likewise become a research hotspot. This paper systematically summarizes the current state of transient execution attack defense techniques, analyzing the root causes and classification criteria of Meltdown-type attacks, Spectre-type attacks, data sampling attacks and cache covert channels. It summarizes the implementation principles and development status of defense methods and, according to the stage at which a countermeasure intervenes, divides them into four categories: defenses based on code detection, on disrupting transient behavior, on interrupting the covert channel, and defenses oriented toward attack detection; among the last, attack detection methods that incorporate machine learning are summarized in particular. Finally, the key open problems in existing defense research are analyzed and summarized, and future research directions are outlined, in the hope of assisting subsequent work.
Citation: LI Yang, GAO Fei, MA Ziqiang, MIAO Li. Research Progress in Transient Execution Attack Defense Technologies[J]. Computer Engineering and Applications, 2025, 61(2): 37-58.