Multi hardware-attack dataset and ML-based detection using processor stress patterns on x86
Hardware attacks exploit the vulnerabilities discov-ered in state-of-the-art CPUs. As an example, attacks such asMeltdown and Spectre have made the headlines. To benefit fromthe vulnerabilities, hardware attacks stress tremendously somesection/s of the processor, usually the branch-prediction unit a...
| Autores: | , , |
|---|---|
| Tipo de recurso: | artículo |
| Fecha de publicación: | 2025 |
| País: | España |
| Institución: | Universitat Politècnica de Catalunya (UPC) |
| Repositorio: | UPCommons. Portal del coneixement obert de la UPC |
| Idioma: | inglés |
| OAI Identifier: | oai:upcommons.upc.edu:2117/443421 |
| Acceso en línea: | https://hdl.handle.net/2117/443421 https://dx.doi.org/10.64552/wipiec.v11i1.94 |
| Access Level: | acceso abierto |
| Palabra clave: | Security Hardware attack Spectre Meltdown Fallout Machine learning Àrees temàtiques de la UPC::Informàtica::Seguretat informàtica Àrees temàtiques de la UPC::Informàtica::Hardware Àrees temàtiques de la UPC::Informàtica::Intel·ligència artificial::Aprenentatge automàtic |
| Sumario: | Hardware attacks exploit the vulnerabilities discov-ered in state-of-the-art CPUs. As an example, attacks such asMeltdown and Spectre have made the headlines. To benefit fromthe vulnerabilities, hardware attacks stress tremendously somesection/s of the processor, usually the branch-prediction unit andthe different cache levels. This gives us a recognizable patternand a way to implement a system capable of detecting thepresence of these attacks while monitoring the computer. In thispaper, we describe the set of hardware attacks under focus, thenwe describe how we create the dataset and, finally, the use ofmachine learning to detect the attacks in three scenarios (i.e.training on both benign applications and attacks, training ononly benign applications and training only on attacks) and twox86 CPUs (Intel and AMD). The techniques proposed are capableof achieving over 99% detection rate with a machine learningmodel. This provides a run-time solution to quickly identify theattack as it starts running and take remedial actions. |
|---|