Thanks to visit codestin.com
Credit goes to github.com

Skip to content

comsec-group/inception

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
ibpb-eval
ibpb-eval
 
 
inception
inception
 
 
phantomcall
phantomcall
 
 
tte_btb
tte_btb
 
 
tte_rsb
tte_rsb
 
 
README.md
README.md
 
 
check.sh
check.sh
 
 

Repository files navigation

Inception

This is the artifact of Inception: Exposing New Attack Surfaces with Training in Transient Execution, published at USENIX Security 2023. Inception is a novel transient execution attack that leaks arbitrary data on all AMD Zen CPUs, in the presence of all software- and hardware mitigations deployed to date. More information about Inception can be found here.

Organization

This artifact is split up in five parts.

  • tte_btb determines whether the BTB can be manipulated in transient execution. To run this experiments, arch.sh should be configured.

  • tte_rsb determines whether the RSB can be manipulated in transient execution. It may be necessary to run this experiment with the -no-pie CLANG argument.

  • phantomcall shows that the RSB can be manipulated with a recursive PhantomCALL on all AMD Zen microarchitectures. It may be necessary to run this experiment with the -no-pie CLANG argument.

  • inception leaks data of any arbitrary provided address on AMD Zen 1(+), Zen 2 and Zen 4 microarchitectures.

  • ibpb-eval evaluates the overhead of using IBPB as a mitigation against Inception.

About

Training in Transient Execution and PhantomCALL, from Inception (SEC'23) Artifacts.

comsec.ethz.ch/research/microarch/inception/

Resources

Readme
Activity
Custom properties

Stars

39 stars

Watchers

4 watching

Forks

6 forks
Report repository

Releases

2 tags

Packages

No packages published

Languages