A Detecting Method Against Cross-Container Spectre Attacks

Bibliographic Details
Published in: 2022 IEEE 24th Int Conf on High Performance Computing & Communications; 8th Int Conf on Data Science & Systems; 20th Int Conf on Smart City; 8th Int Conf on Dependability in Sensor, Cloud & Big Data Systems & Application (HPCC/DSS/SmartCity/DependSys), pp. 1531-1538
Main Authors: He, Xinfeng; Li, Yuanpu
Format: Conference Proceeding
Language: English
Published: IEEE 01.12.2022
Summary: Spectre attacks exploit vulnerabilities in CPU architecture, affect almost all processors, and pose a threat to user information security. In the cloud platform, the isolation mechanism of the container can only ensure a limited level of security. Due to the sharing of hardware resources between containers, Spectre attacks can be implemented in a cross-container way. In order to mitigate the damage of the attacks, we propose a method to detect cross-container Spectre attacks. When programs to be detected are running in the container, we use hardware performance counters to collect data. Then the random forest algorithm is used to select the most obvious features of Spectre attacks. Finally, a neural network is built to analyze the data to identify Spectre attacks. Experiments show that the system can detect Spectre attacks in containers efficiently and achieve better effect than the existing detection methods.
DOI: 10.1109/HPCC-DSS-SmartCity-DependSys57074.2022.00235