SSMR: Statically Detecting Speculation Safe Memory Regions to Mitigate Transient Execution Attacks

2026-01-28

Transient execution attacks exploit speculative execution to leak confidential data through unauthorized transient memory accesses. We make the observation that transient attacks can be identified by one unusual memory access, the transient sensitive data access. To protect systems from such attacks while minimizing performance overhead, we propose leveraging compile-time information to identify memory operations that cannot extract sensitive data and can therefore be deemed safe. Safe memory operations are allowed to execute transiently, causing no extra performance cost. Unsafe memory operations delay accessing the memory system until they are no longer in a speculative state, preventing unauthorized transient accesses to sensitive data. To communicate this information to the microarchitecture, we introduce the set safe memory region (ssmr) instruction. Inserted automatically by the compiler, it establishes the memory regions that may be accessed transiently by a sequence of instructions. This defense incurs only a 7% performance overhead compared to the insecure baseline and mitigates at least two variants of transient execution attacks.

A Survey of Hardware-Based AES SBoxes: Area, Performance, and Security

ACM Computing Surveys · 2025-03-16 · 3 citations

Hardware-based cryptographic engines are increasingly important in hardware design as they offer stronger security guarantees compared to software. However, their complex design and lack of freely available test chips make it difficult to compare across different implementations. This work reviews some of the current implementations of one of the most used cryptographic algorithms, the Advanced Encryption Standard (AES). We synthesize the large amount of information that has been published over the last two decades by introducing the first comprehensive comparison of AES’s most complex component, the Substitution Box (SBox), with regard to area, critical path delay, power, and security trade-offs.

CASM: A Generalizable and Accessible Security Metric to Evaluate Security of Cache Architectures

2025-10-12

Comparing the security of cache side-channel defenses is challenging. These defenses are often evaluated in performance-oriented simulators, which lack the ability to also measure security. Recent security quantification methods are typically implemented in custom frameworks that do not report performance. Furthermore, prior work either lacks in generalizability or adaptability, making it difficult for computer architects to evaluate the robustness of the design or for non-security experts to reason about the security challenges. To address these gaps, we propose a generalizable and accessible cache security metric, the Cache Access Security Metric (CASM). CASM measures how much leakage is present in a given cache architecture using a variety of characteristics. We then incorporate CASM into the popular processor simulator, gem5. We evaluate the security of various cache architectures, secure and non-secure, using CASM to demonstrate its potential.

Coeus: Secure Similarity-Aware Data Integrity Verification for Secure Memories

IEEE Transactions on Dependable and Secure Computing · 2025-11-06

As secure memory support is becoming an essential part of modern processors, minimizing its performance overheads is crucial. With the ever-increasing complexity of attacks, more users desire to enable memory security primitives in environments with minimal physical control (e.g., cloud systems and edge devices). However, the performance overheads are burdening the wide adoption of such support. In particular, the performance overheads for data integrity verification are very costly. Thus, a timely need is to revisit secure memory implementations and provide practical optimizations to bridge the performance gap between secure and non-secure memory systems. In this paper, we exploit many applications' well-known data similarity characteristics to reduce the performance overheads of integrity verification significantly. Specifically, we propose <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">Coeus</i>, a secure memory implementation that allows secure exploitation of data similarity in improving the performance of integrity verification. We discuss the security challenges for exploiting data similarity and how we elegantly overcome them in well-established secure memory implementations. Our evaluation, based on memory-intensive benchmarks from SPEC2006 and SPEC2017, shows that Coeus can eliminate 33.2% (up to 99%) of the expensive MAC calculations and thus improve the performance by 21.8% (up to 90%).

THORN-ML: Transparent Hardware Offloaded Resilient Networks for RDMA based Distributed ML Workloads

2025-11-19

Distributed deep learning (DDL) requires a great investment in cloud infrastructure, including accelerated compute nodes and networking hardware capable of supporting high-performance networking, e.g., Remote Direct Memory Access (RDMA). When a host running a DDL application becomes unreachable, the cost can be high as application-level failure recovery is slow and disruptive. When the host is unreachable due to host failure, this is unavoidable; however, when the network components involved in attaching the host to the core data center network fail, we argue that this cost is avoidable. This paper introduces THORN-ML, a hardware-offloaded resilient network architecture that is completely transparent to DDL applications and works with commodity hardware. We evaluate THORN-ML on a cluster of 5 nodes with Nvidia A100 GPUs and Mellanox ConnectX-5 NICs, with several applications leveraging model parallelism and/or data parallelism, and find that THORN-ML reduces disruption from minutes (impacting the whole cluster) to milliseconds (impacting packets that can be re-transmitted).

PrediPrune: Reducing Verification Overhead in Souper with Machine Learning Driven Pruning

ArXiv.org · 2025-09-20

Souper is a powerful enumerative superoptimizer that enhances the runtime performance of programs by optimizing LLVM intermediate representation (IR) code. However, its verification process, which relies on a computationally expensive SMT solver to validate optimization candidates, must explore a large search space. This large search space makes the verification process particularly expensive, increasing the burden to incorporate Souper into compilation tools. We propose PrediPrune, a stochastic candidate pruning strategy that effectively reduces the number of invalid candidates passed to the SMT solver. By utilizing machine learning techniques to predict the validity of candidates based on features extracted from the code, PrediPrune prunes unlikely candidates early, decreasing the verification workload. When combined with the state-of-the-art approach (Dataflow), PrediPrune decreases compilation time by 51% compared to the Baseline and by 12% compared to using only Dataflow, emphasizing the effectiveness of the combined approach that integrates a purely ML-based method (PrediPrune) with a purely non-ML based (Dataflow) method. Additionally, PrediPrune offers a flexible interface to trade-off compilation time and optimization opportunities, allowing end users to adjust the balance according to their needs.

The Toxicity Phenomenon Across Social Media

arXiv (Cornell University) · 2024-10-28

Social media platforms have evolved rapidly in modernity without strong regulation. One clear obstacle faced by current users is that of toxicity. Toxicity on social media manifests through a number of forms, including harassment, negativity, misinformation or other means of divisiveness. In this paper, we characterize literature surrounding toxicity, formalize a definition of toxicity, propose a novel cycle of internet extremism, list current approaches to toxicity detection, outline future directions to minimize toxicity in future social media endeavors, and identify current gaps in research space. We present a novel perspective of the negative impacts of social media platforms and fill a gap in literature to help improve the future of social media platforms.

Baobab Merkle Tree for Efficient Secure Memory

IEEE Computer Architecture Letters · 2024-01-01 · 1 citations

Secure memory is a natural solution to hardware vulnerabilities in memory, but it faces fundamental challenges of performance and memory overheads. While significant work has gone into optimizing the protocol for performance, far less work has gone into optimizing its memory overhead. In this work, we propose the Baobab Merkle Tree, in which counters are memoized in an on-chip table. The Baobab Merkle Tree reduces spatial overhead of a Bonsai Merkle Tree by 2-4X without incurring performance overhead.

A Midsummer Night’s Tree: Efficient and High Performance Secure SCM

2024-04-24 · 3 citations

Secure memory is a highly desirable property to prevent memory corruption-based attacks. The emergence of nonvolatile, storage class memory (SCM) devices presents new challenges for secure memory. Metadata for integrity verification, organized in a Bonsai Merkle Tree (BMT), is cached on-chip in volatile caches, and may be lost on a power failure. As a consequence, care is required to ensure that metadata updates are always propagated into SCM. To optimize metadata updates, state-of-the-art approaches propose lazy update crash consistent metadata schemes. However, few consider the implications of their optimizations on on-chip area, which leads to inefficient utilization of scarce on-chip space. In this paper, we propose A Midsummer Night's Tree (AMNT), a novel "tree within a tree" approach to provide crash consistent integrity with low run-time overhead while limiting on-chip area for security metadata. Our approach offloads the potential hardware complexity of our technique to software to keep area overheads low. Our proposed mechanism results in significant improvements (a 41% reduction in execution overhead on average versus the state-of-the-art) for in-memory storage applications while significantly reducing the required on-chip area to implement our protocol.

SpecCheck: A Tool for Systematic Identification of Vulnerable Transient Execution in gem5

2023-10-21 · 2 citations

Speculative execution attacks leverage a processor's speculative execution optimization to leak secret information. Previous attempts to generalize transient execution attacks often analyze specific gadgets in software or look solely at mi-croarchitectural state artifacts to explain the fundamental logic behind these attacks. In this work, we present SPECCHECK, a systematic security verification for detecting potential transient data leakage. SPECCHECK is based on a description of a generic transient execution attack in the form of a register based Finite State Machine (FSM). SPECCHECK'S key insight is the fact that transient execution attacks involve both the software and the hardware to succeed and the only way to verify if a design is capable of mitigating such attacks is by considering both at verification time. The FSM is easily incorporated into commonly used processor simulators. As a proof of concept, we implement SPECCHECK'S FSM in the gem5 simulator to check for suspicious program flows during an arbitrary program's simulation and lay the groundwork for a robust and systematic hardware security verification tool. We show that SPECCHECK is able to identify known transient execution gadgets in two of the main Spectre variants, variant 1 (PHT) and 2 (BTB), with a 100% true positives and an average of 14% false positive rate for malicious sequences of code and an average of 19% vulnerable windows identified for the SPEC benchmark suite.