BranchSpec: Information Leakage Attacks Exploiting Speculative Branch Instruction Executions

Recent studies on attacks exploiting processor hardware vulnerabilities have raised significant concern for information security. Particularly, transient execution attacks such as Spectre augment microarchitectural side channels with speculative executions that lead to exfiltration of secretive data not intended to be accessed. Many prior works have demonstrated the manipulation of branch predictors for triggering speculative executions, and thereafter leaking sensitive information through processor microarchitectural components. In this paper, we present a new class of microarchitectural attack, called BranchSpec, that performs information leakage by exploiting state changes of branch predictors in speculative path. Our key observation is that, branch instruction executions in speculative path alter the states of branch pattern history, which are not restored even after the speculatively executed branches are eventually squashed. Unfortunately, this enables adversaries to harness branch predictors as the transmitting medium in transient execution attacks. More importantly, as compared to existing speculative attacks (e.g., Spectre), BranchSpec can take advantage of much simpler code patterns in victim's code base, making the impact of such exploitation potentially even more severe. To demonstrate this security vulnerability, we have implemented two variants of BranchSpec attacks: a side channel where a malicious spy process infers cross-boundary secrets via victim's speculatively executed nested branches, and a covert channel that communicates secrets through intentionally perturbing the branch pattern history structure via speculative branch executions. Our evaluation on Intel Skylake- and Coffee Lake-based processors reveals that these information leakage attacks are highly accurate and successful. To the best of our knowledge, this is the first work to reveal the information leakage threat due to speculative state update in branch predictor. Our studies further broaden the attack surface of processor microarchitecture, and highlight the needs for branch prediction mechanisms that are secure in transient executions.

[1]  Milos Doroslovacki,et al.  Covert Timing Channels Exploiting Non-Uniform Memory Access based Architectures , 2017, ACM Great Lakes Symposium on VLSI.

[2]  Michael Hamburg,et al.  Spectre Attacks: Exploiting Speculative Execution , 2018, 2019 IEEE Symposium on Security and Privacy (SP).

[3]  Yale N. Patt,et al.  A two-level approach to making class predictions , 2003, 36th Annual Hawaii International Conference on System Sciences, 2003. Proceedings of the.

[4]  Engin Kirda,et al.  Speculator: a tool to analyze speculative execution attacks and mitigations , 2019, ACSAC.

[5]  Jean-Pierre Seifert,et al.  New Branch Prediction Vulnerabilities in OpenSSL and Necessary Software Countermeasures , 2007, IMACC.

[6]  Nael B. Abu-Ghazaleh,et al.  Understanding and Mitigating Covert Channels Through Branch Predictors , 2016, ACM Trans. Archit. Code Optim..

[7]  Milos Doroslovacki,et al.  COTSknight: Practical Defense against Cache Timing Channel Attacks using Cache Monitoring and Partitioning Technologies , 2019, 2019 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[8]  Nael B. Abu-Ghazaleh,et al.  BranchScope: A New Side-Channel Attack on Directional Branch Predictor , 2018, ASPLOS.

[9]  Tao Zhang,et al.  Exploring Branch Predictors for Constructing Transient Execution Trojans , 2020, ASPLOS.

[10]  Ran El-Yaniv,et al.  Quantized Neural Networks: Training Neural Networks with Low Precision Weights and Activations , 2016, J. Mach. Learn. Res..

[11]  James E. Smith,et al.  A study of branch prediction strategies , 1981, ISCA '98.

[12]  Josep Torrellas,et al.  InvisiSpec: Making Speculative Execution Invisible in the Cache Hierarchy , 2018, 2018 51st Annual IEEE/ACM International Symposium on Microarchitecture (MICRO).

[13]  Marcus Peinado,et al.  Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing , 2016, USENIX Security Symposium.

[14]  Gururaj Saileshwar,et al.  CleanupSpec: An "Undo" Approach to Safe Speculation , 2019, MICRO.

[15]  Ofir Weisse,et al.  NDA: Preventing Speculative Execution Attacks at Their Source , 2019, MICRO.

[16]  Milos Doroslovacki,et al.  Are Coherence Protocol States Vulnerable to Information Leakage? , 2018, 2018 IEEE International Symposium on High Performance Computer Architecture (HPCA).

[17]  Guru Venkataramani,et al.  Leveraging Cache Management Hardware for Practical Defense Against Cache Timing Channel Attacks , 2019, IEEE Micro.

[18]  Josep Torrellas,et al.  Speculative Taint Tracking (STT): A Comprehensive Protection for Speculatively Accessed Data , 2019, IEEE Micro.

[19]  Jakub Szefer,et al.  Survey of Transient Execution Attacks , 2020, ArXiv.

[20]  Fan Yao,et al.  Are Crossbar Memories Secure? New Security Vulnerabilities in Crossbar Memories , 2019, IEEE Computer Architecture Letters.

[21]  Marcus Peinado,et al.  Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems , 2015, 2015 IEEE Symposium on Security and Privacy.

[22]  Daniel Sánchez,et al.  Fractal: An execution model for fine-grain nested speculative parallelism , 2017, 2017 ACM/IEEE 44th Annual International Symposium on Computer Architecture (ISCA).

[23]  Yale N. Patt,et al.  The effect of speculatively updating branch history on branch prediction accuracy, revisited , 1994, MICRO 27.