Real time Detection of Spectre and Meltdown Attacks Using Machine Learning
share
Recently discovered Spectre and meltdown attacks affects almost all processors by leaking confidential information to other processes through side-channel attacks. These vulnerabilities expose design flaws in the architecture of modern CPUs. To fix these design flaws, it is necessary to make changes in the hardware of modern processors which is a non-trivial task. Software mitigation techniques for these vulnerabilities cause significant performance degradation. In order to mitigate against Spectre and Meltdown attacks while retaining the performance benefits of modern processors, in this paper, we present a real-time detection mechanism for Spectre and Meltdown attacks by identifying the misuse of speculative execution and side-channel attacks. We use hardware performance counters and software events to monitor activity related to speculative execution, branch prediction, and cache interference. We use various machine learning models to analyze these events. These events produce a very distinctive pattern while the system is under attack; machine learning models are able to detect Meltdown and Spectre attacks under realistic load conditions with an accuracy of over 99
READ FULL TEXT
