A Formal Approach to Secure Speculation
Transient Execution Attacks
瞬态执行攻击包含两个部分,可信(Victim)和不可信(Attacker)。两者通过一些通信接口进行互动。攻击者通过错误预测(分支预测,乱序执行)从Victim中获得机密信息。
Analysis of Secure Caches and Timing-Based Side-Channel Attacks
Side Channels Versus Covert Channels
This work focuses on side channel. However, there are also covert channels. Covert channels
use the same methods as side channels, but the attacker controls both the sender and the
receiver side of the channel. All types of side-channel attacks are equally applicable to
covert channels. But for brevity, we just use the term “side channels”
Instruction-Level Abstraction (ILA)