Spectre And Meltdown Vulnerabilities: Impacts And Mitigation Techniques

Introduction to Computer Security and Cyber Threats

Computer security, also known as cyber security, is the set of activities and processes by which computer systems are protected against damage and threats to their hardware and software (Bambauer 2013). It secures the system by blocking threats that enter through network access and through code and data injection. The field needs close attention because growing technology and increased internet connectivity lead to more cyber attacks and data breaches across networks (Hsiao et al., 2014). Spectre and Meltdown are vulnerabilities that attack the computer system. This paper brings to light these two major vulnerabilities and gives a brief overview of how the Spectre and Meltdown attacks proceed. It points out that these vulnerabilities affect the computer at the processor level, describes their impacts, and shows that their effect is widespread, covering all the processors available on the market. The paper also describes the techniques that mitigate the risks posed by these vulnerabilities and the procedure by which those mitigations should be implemented. Finally, it sets out the future implications of Spectre and Meltdown, including the changes to be made in future processors so that these vulnerabilities can be mitigated. Various changes implemented in the operating system also help to reduce the risks. Mitigating these risks is essential, because the vulnerabilities lead to security breaches such as the leakage of valuable data that needs to be secured and protected.

Spectre is a computer security vulnerability that targets modern microprocessors capable of branch prediction. It works by tricking the processor into executing instructions stored at an arbitrary location in memory (Wang, Wei and Vangury 2014). The attacker thereby gains access to a memory location and can potentially obtain sensitive data stored there that he or she is not authorised to view. Modern computers are designed to produce computational results within seconds. They use speculative execution to increase computational efficiency and so improve performance. Speculative execution is a technique used by high-speed processors: the processor predicts future execution paths and prematurely executes the instructions on them (Chen et al., 2018). Microprocessors that use branch prediction or speculative execution are more vulnerable to such attacks. Spectre attacks give one program a way to spy on the data of another program, leading to loss of data. The speculative computation is performed in the background so that real-time computation does not lose performance. The vulnerability tricks the processor into accessing and executing a program stored at an arbitrary location, which leads to data breaches and reveals data that is secured and not accessible to unauthorised users. Spectre covers almost all processors available worldwide, including those in Windows, iOS, Linux and Mac systems. It has a serious impact on the computer system because it removes the isolation between applications. It allows the attacker to extract secret information from the Random Access Memory of the computer hardware (Genkin et al., 2018).

Overview of Spectre and Meltdown Vulnerabilities

Meltdown is a hardware security vulnerability that works on major operating systems and does not have any effect on computer software. Memory isolation is a major concern of the operating system, which prevents applications from reading or writing kernel memory and prevents user applications from modifying the data stored there (Watson et al., 2018). This isolation makes it easy for modern processors to perform multiple tasks and to support multiple users on one machine while performing operations in the cloud. Modern processors use a processor bit to supervise the isolation between kernel memory and user processes. This bit determines whether a user process can access a kernel memory page. The feature is essential during interrupt handling, and it allows the operating system to map the kernel into the address space of each process so that the transition from the user end to the kernel is efficient (Hund, Willems and Holz 2013). Meltdown affects the memory isolation between the kernel and user processes. It overcomes that isolation entirely, giving user processes full access to kernel memory and therefore to all kernel data (Kathapurkar 2016). It proceeds by exploiting side-channel information that is readily available on all modern computers. It allows an attacker to run malicious code on the vulnerable processor so that all the information secured in kernel memory can be obtained. Out-of-order execution is the major cause of Meltdown. The vulnerability affects all Intel microprocessors as well as a few ARM-based processors.
The major effect of this vulnerability is that it slows the computer down by approximately 30 percent under heavy workloads (Kolawa et al., 2013). Meltdown slows the system down through the privilege checking process, which does not allow instructions to execute if they lack access to a particular piece of data or program. It often reduces the computing speed of the processor by between 5 percent and 30 percent. It aims to exploit the CPU race condition that arises between privilege checking and instruction execution. Privilege checking is done so that data stored in kernel memory is isolated from unauthorised access and is not available to unauthenticated users. Meltdown also has a serious impact on the patched versions of the Windows, iOS, macOS and Linux operating systems (Jin et al., 2015). The vulnerability proceeds by executing attack code that causes some secured data to be loaded into the cache while the privilege check takes place simultaneously. Next, code is executed according to the data obtained from the cache. The code to be executed is stored in a memory chip and runs according to the value of the data obtained. The value of the secured data is then obtained, for illegal use, through a side-channel technique.

Impacts of Spectre and Meltdown Vulnerabilities

Various mitigation options are available for the Spectre and Meltdown vulnerabilities. Countermeasures are essential because the vulnerabilities affect almost all available processors, such as Intel and others. The mitigations for Spectre and Meltdown are discussed separately below.

Spectre, also termed the conditional branch vulnerability, can be mitigated when speculative execution is stopped on sensitive code execution paths. Moreover, some Intel processors serialize instruction execution so that the branching conditions do not occur, which mitigates the effects of branching code. This is a different approach from ensuring that speculative execution does not occur or does not leak information (Kocher et al., 2018). However, sequential execution of instructions is not an effective countermeasure against Spectre on all processors. Moreover, the three user-mode serializing instructions used by Intel processors affect the contents of many registers. The mfence and lfence instructions, by contrast, can serve as a countermeasure without affecting the contents of registers. Their use is constrained, however, because they do not work properly on all CPUs and all system configurations. In addition, instruction execution can be delayed, but the delay should be about 200 instructions ahead of the cache miss (Simakov et al., 2018). Inserting instructions that block speculative execution is nevertheless challenging: it is easy for the compiler to insert them after each conditional branch and at its destination, but this insertion degrades the performance of the computer. Static analysis techniques could eliminate the checks.
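The barrier placement described above can be shown on a bounds-checked table read. This is an added example, not code from the original paper; the table, the function names and the `SPEC_BARRIER` macro are illustrative assumptions, and on non-x86 builds the macro is only a compiler barrier.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <time.h>

/* lfence on x86; elsewhere only a compiler barrier (assumption: other
 * architectures need their own barrier instruction, not shown here). */
#if defined(__x86_64__) || defined(__i386__)
#define SPEC_BARRIER() __asm__ __volatile__("lfence" ::: "memory")
#else
#define SPEC_BARRIER() __asm__ __volatile__("" ::: "memory")
#endif

#define TABLE_LEN 16u
static const uint8_t table[TABLE_LEN] = {   /* constructed sample data */
    3, 1, 4, 1, 5, 9, 2, 6, 5, 3, 5, 8, 9, 7, 9, 3
};

/* Before: architecturally correct, but the CPU may predict the branch as
 * "in bounds" and issue the load before idx has actually been compared. */
int lookup_unfenced(size_t idx, uint8_t *out)
{
    if (idx >= TABLE_LEN)
        return -1;
    *out = table[idx];
    return 0;
}

/* After: the barrier sits between the conditional branch and the load, so
 * the load is not issued until the comparison has resolved. */
int lookup_fenced(size_t idx, uint8_t *out)
{
    if (idx >= TABLE_LEN)
        return -1;
    SPEC_BARRIER();
    *out = table[idx];
    return 0;
}

/* CPU seconds spent on n in-bounds lookups, to compare the two variants. */
double time_lookups(int (*fn)(size_t, uint8_t *), unsigned long n)
{
    volatile uint8_t sink = 0;   /* keeps the loop from being optimised out */
    uint8_t v = 0;
    clock_t start = clock();

    for (unsigned long i = 0; i < n; i++) {
        if (fn(i % TABLE_LEN, &v) == 0)
            sink = (uint8_t)(sink + v);
    }
    (void)sink;
    return (double)(clock() - start) / CLOCKS_PER_SEC;
}

int main(void)
{
    unsigned long n = 20000000UL;

    printf("unfenced: %.3f s\n", time_lookups(lookup_unfenced, n));
    printf("fenced:   %.3f s\n", time_lookups(lookup_fenced, n));
    return 0;
}
```

Both functions return the same results; the difference is in what the processor may do before the branch resolves, and the timing output shows the cost of placing a barrier on a hot path.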

Indirect branch poisoning is even more critical and more challenging to mitigate in software. Hyper-threading can be disabled and the branch prediction state flushed during context switches, although the architecture does not define any procedure for doing so. Moreover, disabling hyper-threading and flushing the branch predictor does not address the case of switch statements. Furthermore, the speculative execution that follows other forms of jump is unknown, and it is likely to vary from processor to processor.

Code fixes for the vulnerability are still unknown for existing processors, but patches can disable speculative execution. Installing the patches slows the processor down to some extent. Moreover, buffering speculatively initiated memory transactions away from the cache until the speculative execution is committed does not act as an efficient mitigation against the vulnerability. Adopting the above methods degrades the performance of the processor by reducing the speed of operations (Ruj and Nayak 2013). These countermeasures are therefore insufficient, as there are other ways in which speculative execution can leak secured information.

Mitigation Techniques for Spectre and Meltdown Vulnerabilities

Like Spectre, the Meltdown vulnerability has a serious impact on all available microprocessors, and specific countermeasures should be adopted to mitigate the threats it poses. The following sections describe the hardware countermeasures and the KAISER countermeasure.

Hardware

Meltdown affects the isolation layer between user processes and the kernel, disturbing the security domains. It does not affect the software, so no software vulnerability is involved in the Meltdown attack, and software patches used as a countermeasure do not completely fix the vulnerability. The trivial countermeasure is to halt out-of-order execution completely, since out-of-order execution in the processor is the root cause of the vulnerability (Lee et al., 2013). The side effect of disabling this feature is that the performance of the processor decreases. This could be devastating, as the speed of the processor cannot be compromised, so the approach was not considered a viable solution.

Meltdown actually exploits the race condition between the privilege check and instruction execution (Biswas and Karunakaran 2015). An effective countermeasure would therefore be to serialize instruction execution and privilege checking so that instructions that fail the privilege check are never executed (Lindo and Daudel 2014). However, this would cause a significant delay in instruction execution, because once an instruction is fetched its execution is delayed until the privilege check is completed.

The most effective countermeasure would be the introduction of a hard split between kernel space and user space (Rojas and Hussain 2013). The hard split can be enabled in modern kernels through a hard split bit in a control register of the CPU. The hard split can identify which instruction fetches would lead to a security violation (Adda, Aloni and Braverman 2014). Moreover, the implementation would lead to performance degradation, while backward compatibility is ensured because the hard split bit has no default setting and can only be set by the kernel.

KAISER

Because hardware patching is a challenging task, software patching was implemented. A software patch known as KAISER was introduced so that the kernel is not mapped into user processes. This modification prevents side-channel attacks as well as Meltdown attacks. It is a software measure against Meltdown because it ensures that no valid mapping to kernel space exists in user space. However, the architecture of the processor requires some mapping between user space and kernel space when the Kernel Page Table Isolation technique is used (Alexander, Heller and Shum 2013). The technique therefore does not completely mitigate the effects of the attacks, as those memory locations can still be accessed from user space. The short-term mitigation for the attacks is thus to use the patched software. Another countermeasure is to keep the browser and other software updated, as the updates contain fixes for the vulnerabilities. This, however, reduces the speed of the processor and degrades its performance. No software patch has yet been developed that completely mitigates the risk posed by the Meltdown vulnerability.

Future Implications of Spectre and Meltdown Vulnerabilities

The two vulnerabilities are different, but both allow attackers illegal access to secured data. The Meltdown vulnerability was reported as CVE-2017-5754, while the Spectre vulnerability was reported as CVE-2017-5715 and CVE-2017-5753.
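On Linux, the kernel reports the mitigation state for these three CVEs under `/sys/devices/system/cpu/vulnerabilities`, and a `Mitigation: PTI` line for Meltdown indicates that kernel page table isolation is active. The checker below is an added example, not part of the original paper; its function names are illustrative, and it assumes a kernel recent enough to expose that sysfs directory.

```c
#include <stdio.h>
#include <string.h>

#define VULN_DIR "/sys/devices/system/cpu/vulnerabilities"

enum status { NOT_AFFECTED, MITIGATED, VULNERABLE, UNKNOWN };

/* CVE ids as given on this page, paired with the Linux sysfs file names. */
struct issue { const char *cve; const char *file; };
static const struct issue issues[] = {
    { "CVE-2017-5754", "meltdown"   },
    { "CVE-2017-5753", "spectre_v1" },
    { "CVE-2017-5715", "spectre_v2" },
};
#define N_ISSUES (sizeof issues / sizeof issues[0])

/* Classify one status line by its leading keyword. */
enum status classify(const char *line)
{
    if (strncmp(line, "Not affected", 12) == 0) return NOT_AFFECTED;
    if (strncmp(line, "Mitigation", 10) == 0)   return MITIGATED;
    if (strncmp(line, "Vulnerable", 10) == 0)   return VULNERABLE;
    return UNKNOWN;
}

/* "PTI" in the meltdown line means kernel page table isolation is active. */
int pti_active(const char *line)
{
    return classify(line) == MITIGATED && strstr(line, "PTI") != NULL;
}

/* Read the first line of dir/file into buf; empty string if unreadable. */
enum status read_status(const char *dir, const char *file,
                        char *buf, size_t len)
{
    char path[512];
    FILE *f;

    buf[0] = '\0';
    snprintf(path, sizeof path, "%s/%s", dir, file);
    f = fopen(path, "r");
    if (f == NULL)
        return UNKNOWN;              /* old kernel or non-Linux system */
    if (fgets(buf, (int)len, f) == NULL)
        buf[0] = '\0';
    fclose(f);
    buf[strcspn(buf, "\n")] = '\0';
    return classify(buf);
}

/* Print each issue and count those reported vulnerable or not reported. */
int count_unresolved(const char *dir)
{
    char buf[256];
    int bad = 0;

    for (size_t i = 0; i < N_ISSUES; i++) {
        enum status s = read_status(dir, issues[i].file, buf, sizeof buf);
        printf("%-14s %-11s %s\n", issues[i].cve, issues[i].file,
               buf[0] ? buf : "(no sysfs entry)");
        if (s == VULNERABLE || s == UNKNOWN)
            bad++;
    }
    return bad;
}

int main(void)
{
    return count_unresolved(VULN_DIR) ? 1 : 0;
}
```

The process exits non-zero when any of the three entries is vulnerable or missing, so it can be used as a check in a host baseline script.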

The Spectre and Meltdown vulnerabilities affect the system at the processor and operating system level. It is practically impossible to execute instructions and perform the privilege check simultaneously. Furthermore, network-oriented attacks that execute malicious code on the CPU also pose serious threats (More 2018). There are various countermeasures to mitigate the risks posed by these attacks, but the architecture of processors is not designed to implement the patches properly (Lipp et al., 2018). The long-term impact will be the need for new silicon-based processors. The instruction set architecture should also be updated to include clear guidance on the security issues of the processor (Leiserson 2014). Implementing the patches degrades the performance of the processor, so processors should be built in such a way that installing patches does not affect their performance. Innovation in silicon-based processors would make it possible to reduce the risks posed by Spectre and Meltdown attacks (Pieprzyk, Hardjono and Seberry 2013). The processor should contain alternative implementation techniques that maintain the security of data and give maximum attention to security. The data stored in the system is highly vulnerable to leakage, so more secure databases need to be adopted to mitigate data breaches and keep important data secure (Jiang et al., 2013). The database should incorporate more security features so that data can be properly maintained and stored. Furthermore, the database should be decentralized, as this offers more security for the data. Cloud storage methods should also be implemented, as they offer more data security and have the architectural support to prevent loss of data. Cloud storage also incorporates backup and recovery techniques for recovering lost data.

Conclusion

From the above discussion it can be concluded that the Spectre and Meltdown vulnerabilities pose serious threats to the computer processor and therefore need the prior attention of microprocessor vendors in order to secure data and prevent data breaches. Both vulnerabilities give the attacker a pathway to data that he or she is not authorised to view or access. Computer programs run in isolation, and other programs or applications are not authorised to view the instructions and data of another program. The vulnerabilities were recognized only recently. They allow illegal access to data from the cache memory or the RAM. They occur because of out-of-order execution and speculative execution, and are ultimately aimed at leaking personal data such as email, passwords, pictures and other valuable data. It is therefore necessary to implement measures that secure the data and protect the processor against such vulnerabilities. Researchers have developed various mitigations, such as patches like KAISER, which is a software mitigation against the Meltdown vulnerability. Other mitigations concern the hardware, such as isolating the kernel process from the user process. Kernel Page Table Isolation is likewise a mitigation technique implemented to isolate the kernel process from the user process. The hard split bit also enhances the capability of the processor to control the CPU register. It can only be changed if the hard bit is set, and the bit can only be set and reset by the kernel process. However, most of the mitigations available as countermeasures to Spectre and Meltdown do not completely guarantee mitigation of the security issues. Certain changes are therefore required in the architectural design in order to mitigate the risk completely. The future impact involves innovation in silicon-based processors so that security is properly maintained without hampering the performance of the system.

References

Adda, M., Aloni, D. and Braverman, A., International Business Machines Corp, 2014. Executing a kernel device driver as a user space process. U.S. Patent 8,806,511.

Alexander, G.W., Heller, L.C. and Shum, C.L.K., International Business Machines Corp, 2013. Serializing translation lookaside buffer access around address translation parameter modification. U.S. Patent 8,433,855.

Bambauer, D.E., 2013. Ghost in the Network. U. Pa. L. Rev., 162, p.1011.

Biswas, A. and Karunakaran, S., 2015. Cybernetic modeling of Industrial Control Systems: Towards threat analysis of critical infrastructure. arXiv preprint arXiv:1510.01861.

Chen, G., Chen, S., Xiao, Y., Zhang, Y., Lin, Z. and Lai, T.H., 2018. SgxPectre Attacks: Leaking Enclave Secrets via Speculative Execution. arXiv preprint arXiv:1802.09085.

Genkin, D., Pachmanov, L., Tromer, E. and Yarom, Y., 2018. Drive-by Key-Extraction Cache Attacks from Portable Code.

Hsiao, D.K., Kerr, D.S. and Madnick, S.E., 2014. Computer security. Academic Press.

Hund, R., Willems, C. and Holz, T., 2013, May. Practical timing side channel attacks against kernel space ASLR. In Security and Privacy (SP), 2013 IEEE Symposium on (pp. 191-205). IEEE.

Jiang, Y., Guo, X., Li, C., Wen, H., Lei, C. and Rui, Z., 2013, October. An efficient and secure search database scheme for cloud computing in smart grid. In Communications and Network Security (CNS), 2013 IEEE Conference on (pp. 413-414). IEEE.

Jin, S., Seol, J., Huh, J. and Maeng, S., 2015, March. Hardware-Assisted Secure Resource Accounting under a Vulnerable Hypervisor. In ACM SIGPLAN Notices (Vol. 50, No. 7, pp. 201-213). ACM.

Kathapurkar, A.H., 2016. Processor-level integration of the architectural support for monitoring and securing the operating system kernel. The University of Texas at San Antonio.

Kocher, P., Genkin, D., Gruss, D., Haas, W., Hamburg, M., Lipp, M., Mangard, S., Prescher, T., Schwarz, M. and Yarom, Y., 2018. Spectre Attacks: Exploiting Speculative Execution. arXiv preprint arXiv:1801.01203.

Kolawa, A.K., Jakubiak, N.M., Lambert, M.L., Haaker, W. and Gandhi, N., Parasoft Corp, 2013. Detection of deadlocks or race conditions in physical systems using load testing. U.S. Patent 8,448,148.

Lee, M., Wieland, P., Ganapathy, N., Erlingson, U., Abadi, M. and Richardson, J., Microsoft Corp, 2013. Synchronizing split user-mode/kernel-mode device driver architecture. U.S. Patent 8,434,098.

Leiserson, A., 2014. Side Channels and Runtime Encryption Solutions with Intel® SGX.

Lindo, J. and Daudel, J., CA Technologies Inc, 2014. Thread management to prevent race conditions in computer programs. U.S. Patent 8,813,079.

Lipp, M., Schwarz, M., Gruss, D., Prescher, T., Haas, W., Mangard, S., Kocher, P., Genkin, D., Yarom, Y. and Hamburg, M., 2018. Meltdown. arXiv preprint arXiv:1801.01207.

More, A.C.Y., 2018. Security Alert!.

Pieprzyk, J., Hardjono, T. and Seberry, J., 2013. Fundamentals of computer security. Springer Science & Business Media.

Rojas, J.P. and Hussain, M.M., 2013. Flexible semi-transparent silicon (100) fabric with high-k/metal gate devices. physica status solidi (RRL)-Rapid Research Letters, 7(3), pp.187-191.

Ruj, S. and Nayak, A., 2013. A decentralized security framework for data aggregation and access control in smart grids. IEEE transactions on smart grid, 4(1), pp.196-205.

Simakov, N.A., Innus, M.D., Jones, M.D., White, J.P., Gallo, S.M., DeLeon, R.L. and Furlani, T.R., 2018. Effect of Meltdown and Spectre Patches on the Performance of HPC Applications. arXiv preprint arXiv:1801.04329.

Wang, Y., Wei, J. and Vangury, K., 2014, January. Bring your own device security issues and challenges. In Consumer Communications and Networking Conference (CCNC), 2014 IEEE 11th (pp. 80-85). IEEE.

Watson, R.N., Woodruff, J., Roe, M., Moore, S.W. and Neumann, P.G., 2018. Capability Hardware Enhanced RISC Instructions (CHERI): Notes on the Meltdown and Spectre Attacks (No. UCAM-CL-TR-916). University of Cambridge, Computer Laboratory.