Cybersecurity and Countermeasures


Added on  2021/04/16

AI Summary
The provided text is a report on cybersecurity threats, focusing on the Meltdown and Spectre attacks. It discusses the vulnerabilities exploited by these attacks and proposes countermeasures to prevent or minimize their impact. The report also mentions other security-related topics, such as cloud computing and in-process isolation with memory protection keys.

Running head: COMPUTER SECURITY
COMPUTER SECURITY
Table of Contents
Introduction
Spectre
Meltdown
Spectre Fix
Meltdown Fix
Predictions
Conclusion
References
Introduction
In 2017, computer researchers discovered the vulnerabilities that were named Spectre and Meltdown. These attacks target the computer system itself and allow intruders to gain access to the user's system and data. It took some time before the general public learned about the attacks, what they actually were, how they affect ordinary users, and how much harm they can cause. The attacks could not be fully mitigated and affect a large number of systems (Sclofsky and Funk 2017). Because the flaw originates in the hardware, it cannot be mitigated in any way other than through software, that is, through changes programmed into the framework of the system. Initiating a Spectre attack requires a certain level of expertise and education. Various patches have been released to safeguard systems, but they do not completely remove the issue, which persists in the system (Maisuradze and Rossow 2018).
The aim of this report is to examine the different aspects of the Meltdown and Spectre attacks. It describes how the attacks work and the extent to which they affect a system. The report also covers the patches available on the market that reduce the harm done to the system.
Spectre
The Spectre attack takes advantage of the branch prediction capability of the CPU. Most modern CPUs include branch prediction automatically. With speculative execution, the CPU executes instructions at the location it predicts the branch will lead to. This keeps the CPU busier, improves performance and minimizes wasted time. When the branch is predicted correctly, the speculatively executed instructions retire and their results, such as memory and register writes, are committed. If the branch is predicted incorrectly, the speculatively executed instructions are discarded and their direct effects are undone. What is not undone are the indirect side effects, for example changes to the CPU cache. By measuring the latency of memory access operations, the cache can be used to extract values from the speculatively executed instructions.
The Spectre variant 1 (CVE-2017-5753)
The Spectre variant 2 (CVE-2017-5715) (Maisuradze and Rossow 2018).
The direct impact of both Spectre variants is that sensitive data may leak to other systems. Spectre may allow one part of an application to access another part of the same application that it is otherwise not permitted to access. The Spectre attack does not cross the kernel/user memory privilege boundary, which depends upon the target platform and its configuration. The attack can allow a user-space application to access and leak kernel memory (Sclofsky and Funk 2017).
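To make the variant 1 (bounds check bypass) case concrete from the defender's side, the following added example, which is not part of the original report, shows a bounds-checked table lookup next to a hardened form that clamps the index with branch-free arithmetic, the same idea as the Linux kernel's array_index_nospec() helper. The table contents and the function names are hypothetical, and code-level hardening goes beyond the operating system updates the report mentions.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TABLE_LEN 16

/* Constructed sample data standing in for an application lookup table. */
static const uint8_t table[TABLE_LEN] = {
    3, 1, 4, 1, 5, 9, 2, 6, 5, 3, 5, 8, 9, 7, 9, 3
};

/* Before: the check is architecturally correct, but if the branch predictor
 * guesses "in range" for an out-of-range idx, the load below can still run
 * speculatively and leave a cache footprint that survives the rollback. */
uint8_t lookup_checked(size_t idx)
{
    if (idx < TABLE_LEN)
        return table[idx];
    return 0;
}

/* Returns all ones when idx < len and zero otherwise, using arithmetic only
 * (no branch to mispredict). Valid for len <= SIZE_MAX / 2 + 1. */
size_t index_mask(size_t idx, size_t len)
{
#if defined(__GNUC__)
    /* Keep the compiler from reasoning about idx and reintroducing a branch. */
    __asm__ volatile("" : "+r"(idx));
#endif
    size_t top = (idx | (len - 1 - idx)) >> (sizeof(size_t) * CHAR_BIT - 1);
    return top - 1;   /* top == 0 -> SIZE_MAX, top == 1 -> 0 */
}

/* After: the index is clamped through a data dependency, so even on a
 * mispredicted path the load can only touch table[0]. */
uint8_t lookup_hardened(size_t idx)
{
    if (idx < TABLE_LEN) {
        idx &= index_mask(idx, TABLE_LEN);
        return table[idx];
    }
    return 0;
}

int main(void)
{
    printf("in range:     %u\n", lookup_hardened(5));
    printf("out of range: %u\n", lookup_hardened(1000));
    return 0;
}
```

Both functions return identical results architecturally; the difference only exists on the speculative path, which is why the mask is worth testing on its own.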
Meltdown
The Meltdown attack is related to the Spectre attack: it also uses the cache side-channel technique to access data that would otherwise be inaccessible. The main difference is that Meltdown leverages the out-of-order execution capability of modern CPUs (Simakov et al. 2018). At the machine level the instruction stream appears sequential, but a CPU that supports out-of-order execution executes instructions non-sequentially, which reduces the time the CPU is kept idle. Meltdown leverages insecure behavior that can be demonstrated on Intel CPUs and may affect the CPUs of other vendors as well. The vulnerability allows memory to be read during out-of-order execution. The Meltdown attack reads kernel memory, which raises an exception because code running with user-space privilege is not allowed to read kernel memory directly. However, because of a race condition in out-of-order execution, instructions that appear after the faulting instruction may still execute. By the time the exception is raised, some number of instructions have already been processed and executed. Although the exception causes the CPU to roll back the out-of-order instructions, the state of the cache is not reverted. This allows data from the out-of-order instructions to persist beyond the point at which the exception is raised (Maisuradze and Rossow 2018).
The main impact of the Meltdown attack is that a process running in user space is able to view kernel memory. Meltdown can be considered to be like Spectre, which involves leakage of data that does not cross the kernel/user privilege boundary (Watson et al. 2018). The Linux kernel mitigation for Meltdown is referred to as KAISER. KAISER aims to improve the separation of user and kernel memory pages. Because the Spectre attack does not cross the kernel/user boundary, the protection introduced with KPTI/KAISER does not add any protection against it.
The working of Spectre and Meltdown can be explained further with the table below, which states the main differences between them across a few features of both attacks.
| Features | Spectre | Meltdown |
|---|---|---|
| Triggering specification relating to CPU | Speculative execution based on branch prediction. | Out-of-order execution. |
| Platforms affected | CPUs that perform speculative execution based on branch prediction. | CPUs that allow memory reads in out-of-order execution. |
| Successful attack difficulty | High: needs tailoring to the environment. | Low: the kernel memory access exploit code is universal. |
| Software mitigation | Indirect branch restricted speculation (IBRS). | Kernel page table isolation (KPTI) (Ali 2014). |
Impact of the attack
The Spectre and Meltdown attacks allow the attacker to execute code on a system with the privilege of the user. This can have various types of impact on the overall system and the data. The Meltdown attack allows kernel memory to be read from user space (Trippel, Lustig and Martonosi 2018).
Spectre Fix
Experts have described Spectre as tougher to patch than Meltdown. It is also practically more difficult to exploit than Meltdown. “According to most of the research, the most likely exploitation of Spectre would use JavaScript to leak information and session keys that are cached in the browser (Trippel, Lustig and Martonosi 2018).” Google, Mozilla and Microsoft have all issued browser updates that make the attack exponentially more difficult, though not impossible. As an extra precaution, experts have recommended turning on the site isolation option in Firefox and Chrome. Apple has issued Spectre mitigations in iOS 11.2.2 and in the macOS High Sierra 10.13.2 supplemental update.
Spectre variant 1 (bounds check bypass) can be mitigated with operating system updates, whereas Spectre variant 2 (branch target injection) requires microcode and firmware fixes. Processor manufacturers have stated that they will be releasing microcode updates. Intel has released a new Linux processor microcode data file, which can be used to add mitigations without performing a BIOS update. Some issues have been found on Haswell and Broadwell CPUs. A microcode update from AMD addressing CVE-2017-5717 is also in circulation. In addition to these patches, the company is working on additional fixes covering EPYC and Ryzen processors. Once a Spectre attack has been initiated, the sensitive data can be recovered using Flush+Reload or Evict+Reload. As stated by researchers, the reload step relies on the time needed to access a memory address in a cache line. The Spectre attack assumes that the victim executes instructions speculatively from the memory being used, so the information can be accessed without triggering a page fault or exception.
Meltdown Fix
The checklist for the Meltdown fix is stated below:
Operating system should be updated: The operating system should be updated frequently through its update feature so that the latest version is installed. This keeps the system up to date and helps prevent attacks related to Meltdown.
Firmware updates should be checked: Just as the operating system should be updated, the firmware should also be updated. Firmware can be one of the gateways for most attacks, and major attacks are prevented by keeping it updated.
Browser should be updated: The browser is one of the entry points where an attack can originate, and most attacks originate from this point. The latest browsers have features that restrict attacks which can hamper the working of the overall system.
Other software should be updated: Other software installed on the machine should be updated, as it is linked with the main operating system and the CPU. Weak links such as other software can act as an entry point in most cases.
Antivirus should be updated: Antivirus not only helps prevent attacks related to Meltdown but also protects the system from other types of attack that can be very harmful (Sclofsky and Funk 2017).
One of the most important aspects of protecting the system against the Spectre attack is keeping the operating system updated. According to the Google security researchers who discovered it, the Meltdown attack has affected almost all operating systems since 1995. It is a flaw rooted in the hardware, but most major operating system vendors have rolled out updates that protect the system from Meltdown as well as Spectre. Microsoft pushed an emergency Windows patch. The update did not start automatically (Trippel, Lustig and Martonosi 2018). The procedure is Start > Settings > Update & Security > Windows Update, then clicking the now button under the Update status section. An alternative approach is to search for “Windows Update”, which also works on Windows 7 and Windows 8 (Sclofsky and Funk 2017). This process detects the update automatically, and it should be installed on every operating system.
Apple quickly built Meltdown protection into macOS High Sierra 10.13.2, which was released in December. If the Mac has not applied the update, it can be forced by going to the App Store's Update tab. Chromebooks have already been updated to Chrome OS 63. The main flaws omitted in this update are the flaws relating to the CPU. The Linux kernel also has patches. The user should install CPU firmware and microcode, which fixes the protection mechanism relating to the Meltdown attack. This type of attack cannot be combated merely with the normal patches available for the CPU. The patches introduced by the manufacturers are described below:
Windows OS and Microsoft Edge: KB4056892. This is a patch for Windows 10.
Apple macOS, Safari, iOS and tvOS: Apple released macOS 10.13.2, tvOS 11.2 and iOS 1.2 as patches to protect systems from the Meltdown attack.
Android OS: The January Android security patch was made available for Android by Google itself. It protects the system from the Spectre and Meltdown attacks.
Firefox web browser: A patch to safeguard the system from the attack was released in version 57.0.4. This patch acts as a security measure against the attack and against unauthorized access to physical memory by an unauthorized user. It does not eliminate the issue but safeguards the system.
Google Chrome web browser: The patch made available by Chrome is “chrome://flags/#enable-site-per-process”.
Linux distribution: The patched versions made available on the official kernel site were 4.9.74, 4.14.11, 4.4.109, 3.18.91, 3.2.97, and 3.16.52 (Kocher et al. 2018).
One of the most realistic solutions to the Spectre and Meltdown problem is the introduction of a hard split between user space and the kernel.
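For the Linux entry in the patch list above, the check below is an added example, not part of the original report: it compares a kernel release string against the patched versions the report lists and reads the mitigation status the kernel itself reports. It assumes the running kernel exposes /sys/devices/system/cpu/vulnerabilities; the function and enum names are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Patched stable releases exactly as listed in the report, one per series. */
static const int FIXED[][3] = {
    {4, 14, 11}, {4, 9, 74}, {4, 4, 109}, {3, 18, 91}, {3, 16, 52}, {3, 2, 97}
};

/* 1: release is at or above the listed fix for its series; 0: same series but
 * older; -1: series not in the list or string not parsable. Vendor kernels
 * backport fixes, so treat 0 as "check further", not as proof. */
int kernel_at_listed_fix(const char *release)
{
    int maj, min, pat;
    if (sscanf(release, "%d.%d.%d", &maj, &min, &pat) != 3)
        return -1;
    for (size_t i = 0; i < sizeof FIXED / sizeof FIXED[0]; i++)
        if (FIXED[i][0] == maj && FIXED[i][1] == min)
            return pat >= FIXED[i][2];
    return -1;
}

enum vuln_state { ST_NOT_AFFECTED, ST_MITIGATED, ST_VULNERABLE, ST_UNKNOWN };

/* Classifies the first line of a sysfs vulnerabilities file. */
enum vuln_state classify_status(const char *line)
{
    if (strncmp(line, "Not affected", 12) == 0) return ST_NOT_AFFECTED;
    if (strncmp(line, "Mitigation:", 11) == 0)  return ST_MITIGATED;
    if (strncmp(line, "Vulnerable", 10) == 0)   return ST_VULNERABLE;
    return ST_UNKNOWN;
}

/* Reads <dir>/<name>; a missing file (older kernel, non-Linux) is unknown. */
enum vuln_state read_status(const char *dir, const char *name)
{
    char path[512], line[256];
    FILE *f;
    snprintf(path, sizeof path, "%s/%s", dir, name);
    if ((f = fopen(path, "r")) == NULL)
        return ST_UNKNOWN;
    if (fgets(line, sizeof line, f) == NULL)
        line[0] = '\0';
    fclose(f);
    return classify_status(line);
}

int main(void)
{
    static const char *names[] = { "meltdown", "spectre_v1", "spectre_v2" };
    static const char *text[] = { "not affected", "mitigated", "VULNERABLE", "unknown" };
    const char *dir = "/sys/devices/system/cpu/vulnerabilities";
    for (size_t i = 0; i < 3; i++)
        printf("%-10s %s\n", names[i], text[read_status(dir, names[i])]);
    /* Constructed sample release string; use `uname -r` output in practice. */
    printf("4.9.73-generic vs listed fix: %d\n",
           kernel_at_listed_fix("4.9.73-generic"));
    return 0;
}
```

The sysfs status is the stronger signal of the two, because it reflects the mitigations the running kernel actually enabled rather than a version number.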
Predictions
In January 2010, a number of researchers including Gruss published a paper on arXiv.org: Spectre Attacks: Exploiting Speculative Execution. The main point of the paper is the argument that, even though different countermeasures are implemented, there is no specific way to determine whether a particular piece of code is safe or not. The mitigations against the Meltdown attack do not protect against the Spectre attack. A long-term solution to the problem would require the instruction set architecture to be updated. This update would mainly cover the security properties of the processor, and CPU implementations would have to conform to it (Maisuradze and Rossow 2018). The main problem is that device drivers, compilers, operating systems, processors and other parts of the computer system have evolved multiple layers of complexity that give rise to different types of security risk. Further alterations to the design will have to incorporate more security aspects, and in this context computational performance would take a back seat. Spectre is not only a hardware issue; it requires continuous discipline in the design of secure systems, which needs to be addressed through both hardware and software.
The situation with Meltdown and Spectre is very similar to that of the automobile industry over a time frame of around 50 years: as people became aware of the problem, they finally decided to invest more in security (Sclofsky and Funk 2017). In a globalized network, the more complicated the supply chain, the more vulnerable devices there are in the system. Such systems are liable to be hacked, and the information in them can easily be leaked. One of the aspects relating to this is housekeeping. One future prediction is the implementation of blockchain, which would create new transparent security features and a decentralized database of every transaction in the production line. As for the Spectre and Meltdown attacks themselves, the prediction is that the problem will persist until next-generation silicon processors are on the market (Trippel, Lustig and Martonosi 2018).
Conclusion
Based on the evidence stated in this report, it can be concluded that both the Spectre and Meltdown attacks can be far more dangerous, as these flaws can allow an unauthorized user to gain access to the system and to the information of other users. The report describes different countermeasures which, if applied, could help decrease the intensity of an attack when it is initiated. In the future, the intensity of the attacks is expected to increase as they become more technology oriented. Installing the patches helps prevent unauthorized access to the system, but the problem remains in the system and cannot be removed permanently.
References
Ali, A.Y., 2014. Somalia: An Unconvincing Progress.
Cap, P., 2017. Technological discourse: Threats in the cyberspace. In The Language of Fear
(pp. 53-66). Palgrave Macmillan, London.
Chen, G., Chen, S., Xiao, Y., Zhang, Y., Lin, Z. and Lai, T.H., 2018. SgxPectre Attacks:
Leaking Enclave Secrets via Speculative Execution. arXiv preprint arXiv:1802.09085.
Kocher, P., Genkin, D., Gruss, D., Haas, W., Hamburg, M., Lipp, M., Mangard, S., Prescher,
T., Schwarz, M. and Yarom, Y., 2018. Spectre Attacks: Exploiting Speculative Execution.
arXiv preprint arXiv:1801.01203.
Maisuradze, G. and Rossow, C., 2018. Speculose: Analyzing the Security Implications of
Speculative Execution in CPUs. arXiv preprint arXiv:1801.04084.
Menkhaus, K., 2014. State failure, state-building, and prospects for a “functional failed State”
in Somalia. The Annals of the American Academy of Political and Social Science, 656(1),
pp.154-172.
Pupillo, L., 2018. EU Cybersecurity and the Paradox of Progress. CEPS Policy Insights No
2018/06, February 2018.
Reiser, H.P., Taubmann, B., Köstler, J., Rakotondravony, N. and Sentanoe, S., 2018. Cloud
computing.
Sclofsky, S. and Funk, K., 2017. The Specter That Haunts Political Science: The Neglect and
Misreading of Marx in International Relations and Comparative Politics. International
Studies Perspectives.

Simakov, N.A., Innus, M.D., Jones, M.D., White, J.P., Gallo, S.M., DeLeon, R.L. and
Furlani, T.R., 2018. Effect of Meltdown and Spectre Patches on the Performance of HPC
Applications. arXiv preprint arXiv:1801.04329.
Smith, M.D., 2016. The Specter of Cholera in Nineteenth-Century Cincinnati. Ohio Valley
History, 16(2), pp.21-40.
Trippel, C., Lustig, D. and Martonosi, M., 2018. MeltdownPrime and SpectrePrime:
Automatically-Synthesized Attacks Exploiting Invalidation-Based Coherence Protocols.
arXiv preprint arXiv:1802.03802.
Vahldiek-Oberwagner, A., Elnikety, E., Garg, D. and Druschel, P., 2018. ERIM: Secure and
Efficient In-process Isolation with Memory Protection Keys. arXiv preprint
arXiv:1801.06822.
Watson, R.N., Woodruff, J., Roe, M., Moore, S.W. and Neumann, P.G., 2018. Capability
Hardware Enhanced RISC Instructions (CHERI): Notes on the Meltdown and Spectre
Attacks (No. UCAM-CL-TR-916). University of Cambridge, Computer Laboratory.