A Detecting Method Against Cross-Container Spectre Attacks
Spectre attacks exploit vulnerabilities in CPU architecture, affect almost all processors, and pose a threat to user information security. In the cloud platform, the isolation mechanism of the container can only ensure a limited level of security. Due to the sharing of hardware resources between con...
Saved in:
Published in | 2022 IEEE 24th Int Conf on High Performance Computing & Communications; 8th Int Conf on Data Science & Systems; 20th Int Conf on Smart City; 8th Int Conf on Dependability in Sensor, Cloud & Big Data Systems & Application (HPCC/DSS/SmartCity/DependSys) pp. 1531 - 1538 |
---|---|
Main Authors | , |
Format | Conference Proceeding |
Language | English |
Published |
IEEE
01.12.2022
|
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | Spectre attacks exploit vulnerabilities in CPU architecture, affect almost all processors, and pose a threat to user information security. In the cloud platform, the isolation mechanism of the container can only ensure a limited level of security. Due to the sharing of hardware resources between containers, Spectre attacks can be implemented in cross-container way. In order to mitigate the damage of the attacks, we propose a method to detect cross-container Spectre attacks. When programs to be detected are running in the container, we use hardware performance counters to collect data. Then the random forest algorithm is used to select the most obvious features of Spectre attacks. Finally, a neural network is built to analyze the data to identify Spectre attacks. Experiments show that the system can detect Spectre attacks in containers efficiently and achieve better effect than the existing detection methods. |
---|---|
DOI: | 10.1109/HPCC-DSS-SmartCity-DependSys57074.2022.00235 |