logo

Assignment on Computer security

   

Added on  2021-04-16

15 Pages3824 Words29 Views
 | 
 | 
 | 
Running head: COMPUTER SECURITYCOMPUTER SECURITYName of the StudentName of the UniversityAuthor Note
Assignment on Computer security_1

COMPUTER SECURITY2Table of ContentsIntroduction................................................................................................................................3Spectre........................................................................................................................................3Meltdown...................................................................................................................................4Spectre Fix.................................................................................................................................5Meltdown Fix.............................................................................................................................6Predictions..................................................................................................................................7Conclusion..................................................................................................................................8References..................................................................................................................................9
Assignment on Computer security_2

COMPUTER SECURITY3IntroductionIn the year, 2017 it would founded out by the computer researchers that there was avulnerability that was named as Specter and meltdown. This type of attack was generated onthe computer system, which directly allowed the intruders to gain access to the system of theuser and the data. It took a while before the common people could know about the attack andknow in detail what the attack actually was and how it would effecting the common user andto what extend it can cause harm to the user. In the context of the attack, it can be stated thatthe attack could not be mitigated and can be considered to be playing a more vital role andaffecting more systems (Sclofsky and Funk 2017). The attack was mainly generated in thehardware so it can be stated that it could not be mitigated in any other way other than sometype of software and implementing some type of programming into the concept and theframework of the system. In order to initiate a spectre attack it can be stated that it would berequiring certain level of expertise and certain level of education. Different types of patchesare implemented which would be safeguarding the system. It can be stated here that thepatches would not be completely removing the issue and the issue would be still pertaininginto the system (Maisuradze and Rossow 2018). The main aim of the report is to take into consideration the different aspects of theattack related to the meltdown and spectre. It is stated in the report the exact working of theattack and the extent to which it would be affecting the system. the report also puts focus onthe different patches which are available in the market which is reduce the harm which wouldbe done on the system. SpectreThe spectre attack can be considered an attack, which takes advantage of the conceptof the branch ability of the CPU. Taking into consideration most of the modern CPUs the
Assignment on Computer security_3

COMPUTER SECURITY4feature of branch prediction are automatically included into them. Such type of speculativeexecution helps in executing information at a particular location, which is predicted by theCPU. This concept helps in utilizing the CPU more, improving the performance andminimizing the time waste. When the prediction of the branch is made successfully, theinstruction would directly retire whose outcome would be the instructions such as memoryand register write would be committed. On the other hand, it can be stated that if a branchwere not predicted correctly the executed instructions speculatively would be directlydiscarded and the effect of the instruction is not done. The thing, which is not done, is theindirect side effect for example CPU cache changes. Measuring of the latency of the accessmemory operations, the cache can be used directly to extract value from the speculativeexecution instruction. The Spectre variant 1 (CVE-2017-5753)The Spectre variant 2 (CVE-2017-5715) (Maisuradze and Rossow 2018). The direct impact of both the variation, which is relating to the spectre attack, mayleak the sensitive data to other systems. The concept of spectre may allow a part of the theapplication to directly access some other part of the same application, which is otherwise notpermitted to be accessed. The spectre attack does not cross the kernel or the user privilege ofthe memory boundary, which depends upon the target platform and its configuration. Theattack can directly allow an applications user space to be accessed and the leak the kernelmemory (Sclofsky and Funk 2017). Meltdown The meltdown attack can be considered too be related to the Spectre attack whichbasically uses the cache side channel technique in order to access the data that in other formswould not be possible. The main difference, which can be applied to the attack for the
Assignment on Computer security_4

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
CO4509 – Computer Security
|13
|3355
|62

The Meltdown and Spectre Assignment
|17
|4180
|48

COIT 20246 Assignment Submission
|9
|3329
|56

Sample Assignment on Electronic PDF
|9
|3696
|108

Desklib SEO Suggestions
|9
|4156
|238

COIT 20246 : Information and Communication Technology
|9
|4199
|51