Khaled Khasawneh - Department of Computer Science and Engineering at the University of California, Riverside
Computer systems are vulnerable to attacks from increasingly motivated and sophisticated attackers. The recent Meltdown and Spectre attacks have shown that the computer architecture and hardware can offer software-exploitable interfaces that can be used to compromise systems. My work investigates the boundary between hardware and software with respect to computer security, exploring attacks that originate in the hardware, but also architecture support for securing systems and software. In this presentation, I will first show an example of how architecture can help computer security through the use of robust evasion-resilient hardware malware detectors. I will also describe a new Spectre attack that I developed targeting the return stack buffer used to optimize the execution of return instructions on modern CPUs. Finally, I will briefly describe SafeSpec, a new CPU design principle that secures modern processors against Spectre and Meltdown attacks, while retaining the benefits of speculative execution.
Wednesday, February 6, 2019 at 11:00am