Survey of Transient Execution Attacks and Their Mitigations

2021 ◽  
Vol 54 (3) ◽  
pp. 1-36
Author(s):  
Wenjie Xiong ◽  
Jakub Szefer

Transient execution attacks, also known as speculative execution attacks, have drawn much interest in the last few years as they can cause critical data leakage. Since the first disclosure of Spectre and Meltdown attacks in January 2018, a number of new transient execution attack types have been demonstrated targeting different processors. A transient execution attack consists of two main components: transient execution itself and a covert channel that is used to actually exfiltrate the information. Transient execution is a result of the fundamental features of modern processors that are designed to boost performance and efficiency, while covert channels are unintended information leakage channels that result from temporal and spatial sharing of the micro-architectural components. Given the severity of the transient execution attacks, they have motivated computer architects in both industry and academia to rethink the design of the processors and to propose hardware defenses. To help understand the transient execution attacks, this survey summarizes the phases of the attacks and the security boundaries across which the information is leaked in different attacks. This survey further analyzes the causes of transient execution as well as the different types of covert channels and presents a taxonomy of the attacks based on the causes and types. This survey in addition presents metrics for comparing different aspects of the transient execution attacks and uses them to evaluate the feasibility of the different attacks. This survey especially considers both existing attacks and potential new attacks suggested by our analysis. This survey finishes by discussing different mitigations that have so far been proposed at the micro-architecture level and discusses their benefits and limitations.

Author(s):  
A.I. Belozubova ◽  
A.V. Epishkina ◽  
K.G. Kogos

Lampson was the first to introduce a covert channel as a channel that was not designed for information transmission. The problem of information leakage via network covert channels has a large scale because the IP protocol is widely used and has many features that can be used for hidden information transmission. Usually covert channels are divided into two groups by transmission technique: storage and timing covert channels. In the paper, the authors provide a brief survey of network timing and storage covert channels as well as methods of counteracting information leakage. According to best practices, information systems and infrastructure have an information security policy with requirements about the allowable level of covert channel capacity. However, to decide whether to activate any method, it is important not to underestimate covert channel capacity. For the effective prevention of information leakage via network covert channels, the authors suggest a way to assess timing covert channel capacity. Two binary timing channels have been investigated: on/off and a channel based on inter-packet interval modulation. In the on/off covert channel, the sender sends a packet during a previously agreed time interval to transmit the bit «1» and does not send to transmit the bit «0». In a covert channel based on inter-packet interval modulation, the sender sends packets with different time intervals defining different bits. The scientific novelty consists in taking into account network load conditions while assessing the maximum amount of information that can be stealthily transmitted from secure infrastructure to an illegitimate receiver beyond the secure perimeter. The authors investigated cases when the packet transfer time from the sender to the receiver in the network (PTT) is defined by normal and exponential distribution – the most common distribution according to current research. Covert channel capacity is evaluated as a function of covert channel parameters and parameters of the PTT distribution (DPTT). The conducted research shows that when the security officer does not take into account the typical load for the network and the DPTT type, the maximum covert channel capacity will most likely be underestimated. If an allowable level of covert channel capacity is set, the obtained results allow the right decision to be made about activating countermeasures to prevent information leakage.


2021 ◽  
Vol 64 (12) ◽  
pp. 105-112
Author(s):  
Jiyong Yu ◽  
Mengjia Yan ◽  
Artem Khyzha ◽  
Adam Morrison ◽  
Josep Torrellas ◽  
...  

Speculative execution attacks present an enormous security threat, capable of reading arbitrary program data under malicious speculation, and later exfiltrating that data over microarchitectural covert channels. This paper proposes speculative taint tracking (STT), a high security and high performance hardware mechanism to block these attacks. The main idea is that it is safe to execute and selectively forward the results of speculative instructions that read secrets, as long as we can prove that the forwarded results do not reach potential covert channels. The technical core of the paper is a new abstraction to help identify all micro-architectural covert channels, and an architecture to quickly identify when a covert channel is no longer a threat. We further conduct a detailed formal analysis on the scheme in a companion document. When evaluated on SPEC06 workloads, STT incurs 8.5% or 14.5% performance overhead relative to an insecure machine.


2016 ◽  
Vol 33 (3) ◽  
pp. 167-171 ◽  
Author(s):  
Kazimierz Drabczyk ◽  
Edyta Wróbel ◽  
Grazyna Kulesza-Matlak ◽  
Wojciech Filipowski ◽  
Krzysztof Waczynski ◽  
...  

Purpose: The purpose of this study is comparison of the diffusion processes performed using the commercial available dopant paste made by Filmtronics and the original prepared liquid dopant solution. To decrease prices of industrially produced silicon-based solar cells, the new low-cost production processes are necessary. The main components of most popular silicon solar cells are with diffused emitter layer, passivation, anti-reflective layers and metal electrodes. This type of cells is prepared usually using phosphorus oxychloride diffusion source and metal pastes for screen printing. The diffusion process in diffusion furnace with quartz tube is slow, complicated and requires expensive equipment. The alternative for this technology is very fast in-line processing using the belt furnaces as an equipment. This approach requires different dopant sources.
Design/methodology/approach: In this work, the diffusion processes were made for two different types of dopant sources. The first one was the commercial available dopant paste from Filmtronics and the second one was the original prepared liquid dopant solution. The investigation was focused on dopant sources fabrication and diffusion processes. The doping solution was made in two stages. In the first stage, a base solution (without dopants) was made: dropwise deionized (DI) water and ethyl alcohol were added to a solution consisting of tetraethoxysilane (TEOS) and 99.8 per cent ethyl alcohol. Next, to the base solution, orthophosphoric acid dissolved in ethyl alcohol was added.
Findings: Diffused emitter layers with sheet resistance around 60 Ω/sq were produced on solar grade monocrystalline silicon wafers using two types of dopant sources.
Originality/value: In this work, the diffusion processes were made for two different types of dopant sources. The first one was the commercial available dopant paste from Filmtronics and the second one was the original prepared liquid dopant solution.


Author(s):  
Kirti Chawla ◽  
Gabriel Robins

RFID technology can help competitive organizations optimize their supply chains. However, it may also enable adversaries to exploit covert channels to surreptitiously spy on their competitors. We explain how tracking tags and compromising readers can create covert channels in supply chains and cause detrimental economic effects. To mitigate such attacks, the authors propose a framework that enables an organization to monitor its supply chain. The supply chain is modeled as a network flow graph, where tag flow is verified at selected key nodes, and covert channels are actively sought. While optimal taint checkpoint node selection is algorithmically intractable, the authors propose node selection and flow verification heuristics with various tradeoffs. The chapter discusses economically viable countermeasures against supply chain-based covert channels, and suggests future research directions.


2020 ◽  
pp. 8-12
Author(s):  
Mariia Nikolaevna Sarkisova ◽  
Natalia Viktorovna Biriukova

This article describes ways of using various types of honey in the history of medicine as well as its current stage of development. The authors consider the main components of different types of honey and the national standards of naturally sourced honey. An analysis of research papers on medical uses of honey has been performed, as well as a comparative analysis of recent honey-based medicines available in the pharmaceutical market. On the basis of collected data, some possible prospects for further use of honey in medicine have been outlined.


2019 ◽  
Vol 70 (10) ◽  
pp. 3597-3602 ◽  
Author(s):  
Carmen Nejneru ◽  
Manuela Cristina Perju ◽  
Dumitru Doru Burduhos Nergis ◽  
Andrei Victor Sandu ◽  
Costica Bejinariu

The aim of this paper is to analyze the corrosion process that occurs in galvanic couplings of different alloys. The study focuses on materials that can come into contact in submersible pumps used by water treatment plants. Because the rotor, one of the pump's main components, must possess high chemical and mechanical properties, nodular cast iron is usually used. Therefore, it is exposed in the same environment as different types of materials, such as aluminum, copper, bronze, grey cast iron, low alloy steel or stainless steel, from which other components are made. The tests have been performed in three types of residual waters with neutral, acidic and basic pH. According to this study, the nodular cast iron galvanic corrosion resistance is highly improved by the phosphate layer deposited on its surface.


2021 ◽  
Vol 5 (3) ◽  
Author(s):  
Halil Dincer Kaya

We examine the relationship between "primary employment" and "business friendliness" of U.S. states. Do states with a low score in "business friendliness" worry small business owners too much and hence force them to run their business as their primary job? We look at several main components of "business friendliness" including "Ease of start", "Ease of hire", "Overall regulations", and "Training and networking". We also look at subcomponents including the different types of regulations and technology use. How does each of these factors affect a business owner’s decision to focus mainly on his/her business? We use the "United States Small Business Friendliness Survey" done by Kauffman Foundation and Thumptack.com in 2013 and converted the letter scores ranging from A+ to F in the survey to numerical scores ranging from 12 to 1 (i.e. 1 being the lowest score which corresponds to F). Therefore, after the conversion, each state has a numerical score on each business-friendliness category. The survey also asks business owners if they use the internet when starting a business, when paying their taxes, or when licensing. For each state, we compute the percentage of owners in each state using the internet when starting a business, when paying their taxes, or when licensing. We call these three percentage numbers for each state their "Internetstart", "Internettax", and "Internetlicensing" scores. Then, using the mean score for all states for each type of regulation or internet score, we divide the states into two groups: the "high-score states" and the "low-score states". In our analysis, we use non-parametric tests to compare the "high-score states" to the "low-score states". Our non-parametric tests show that although none of the main components (i.e. "Ease of start", "Ease of hire", "Overall regulations", and "Training and networking") seem to affect "primary employment", the overall business friendliness score of a state significantly affects "primary employment". When we examine the different types of regulations, we find that "Health and safety regulations", "Licensing regulations", and "Zoning regulations" affect "primary employment". "Employment regulations", "Tax code", or "Environmental regulations" do not have a significant impact. These findings may indicate that business owners are more worried with regard to Health and safety regulations, Licensing regulations, and Zoning regulations, therefore more of them choose to take matters into their own hands. Another possible explanation may be the relative complexity of the tasks associated with these regulations. Finally, our results show that technology use in the entrepreneurial process does not affect "Primary employment".


2017 ◽  
pp. 57
Author(s):  
Reyna A. Castillo ◽  
Carlos Cordero ◽  
César A. Domínguez

In this work we reviewed the biology of deceit pollination from an ecological and evolutionary perspective. Species pollinated by deceit are characterized because a percentage of their flowers do not produce rewards, and therefore these species get the advantages derived from pollinators without paying the costs. In this review, we first described the different types of deceit occurring in nature, as well as the selective pressures involved on its evolution. We then reviewed and discussed the theoretical framework of deceit pollination and the relevant aspects of its main components: frequency-dependent selection, flower resemblance, and the sensorial capacities of pollinators.


2021 ◽  
Vol 8 (2) ◽  
pp. 9-25
Author(s):  
Yasir Bdaiwi Al-Shujairi

The discussion section forms an integral part in the writing process of a research article (RA). Research authors find it difficult to write and produce a well-structured discussion for their findings. The reason could be due to the unawareness of the main components (rhetorical moves) that shape this section. Therefore, this paper aims to provide a review of the studies that have been done to analyze the discussion section of RAs over the last 36 years. Also, this review seeks to examine the discussion section of RAs across various scientific disciplines and different types of journals. The review showed that the rhetorical structure of RAs discussion section witnessed some changes over the course of time. New moves such as Research Implications and Research Limitations started to be parts of the discussion section of RAs. In addition, it was revealed that differences in writing the discussion section can be varied broadly across disciplines such as soft sciences (e.g., applied linguistics, sociology, psychology) and hard sciences (e.g., engineering, chemistry, biology) and slightly across types of journals such as ISI and local journals. In conclusion, this paper offered several suggestions for further research to be conducted in the area.


Author(s):  
Tatiana Razuvaeva ◽  
Maria Chuykova ◽  
A Lemzyakova ◽  
...  

The article is devoted to the study of the peculiarities of the experience of loneliness in young people with different types of accentuations. In this paper, the experience of loneliness is considered not only through the main components of this phenomenon (isolation, alienation, need for company, etc.), but also from the angle of the principle of causality or the reasons why a person feels lonely. According to the data obtained as a result of our research, the need for psychocorrective work aimed at overcoming the feeling of loneliness and mastering the skills of coping with the state of loneliness in young people was justified.

