logo

Scrutiny on Meltdown and Spectre

15 Pages4360 Words41 Views
   

Added on  2021-04-17

Scrutiny on Meltdown and Spectre

   Added on 2021-04-17

ShareRelated Documents
SPECTRE AND MELTDOWN
Scrutiny on Meltdown and Spectre_1
INTRODUCTIONComputer security is a major concern for every organisation and most importantly to safe guard the data stored on the system from any loss. It is important to secure the information from data loss or inception of viruses or malware in the system. Security completely deals with securing the data stored on the network from any unauthorized loss. Every organisation is dependent on computer for performing certain tasks thus it is important that updated technology is used (Kocher, et. al, 2018). Everyone relies on the data stored on the computer thus it is important to keep the information secure and preventing data from anyloss. Keeping the information confidential, integrated and available is the vital part of an organization. Computer security cannot be left unnoticed as there are various threats and viruses appearing at every instant. It is essential to safeguard the information from hackers asthey are trying to steal the sensitive data packets stored on the network (Trippel, Lustig and Martonosi, 2018). There are various ways in which person can steal the information or can access the hard drive even if the computer is not open or plugged in. Then the information is misused which leads to loss of confidentiality of the data packets. It may also damage the components of computer, thus for providing complete protection to data it is necessary to protect the computer hardware as well as various components. For protecting system various strategies are available, disk lock is one of them. Disk locks are available in various sizes which provide protection of CPU components. Network security is also important as the flowof data occurs over the network (Watson, et. al, 2018). Network need to be secured as there are various threats on the network that allow third party to read and modify the data silently. Overall computer security deals with securing the system as well as network from all malicious activities. Additionally hardware components, operating system and off shell programs need to be protected. In this report we would be focusing on two major flaws that affect every chip on the computer. Spectre and meltdown are vulnerabilities that contain
Scrutiny on Meltdown and Spectre_2
malicious programs and give access to unauthorized users to access the sensitive data. These flaws lead to leakage of data packets and break all security boundaries that are enforced in thesystems hardware to get the access to steal the data (Thurnher, 2018).SPECRTRE AND MELTDOWNThese security bugs are found on the CPU chip. Central processing unit is the brain ofthe computer and all the functions on the computer are performed due to CPU. These two flaws work on kernel to steal the data of the computer and are very dangerous to be handled. They access any application running on the computer and steal the data from the application; the data could be any sensitive information like credit card information or any confidential information. Thus it is important to fix theses bugs. It is often a misconception that the application running on the system is not linked to each other, user think that operating systemand software’s are isolated from each other. But the fact is not true, it was researched that the software’s running on the system leave the footprints on the processor. Thus the modern processors usually store all the recently accessed data (Boothby, 2015). Thus modern processor leaks the information and gives the software access to an unauthorized user. It is important to eliminate the granularity of access from the software by removing the footprints;this will help in securing the system.Spectre exploits speculative applications and branch predication that leads to loss of data from cache lines of the processor. Spectre doesn’t read memory from kernel or any physical memory but reads the memory from the current process running on the system. Modern processor executes the instructions in a parallel manner but sometimes these instructions are never executed (Etzler, 2014). Snapshots are taken by CPU of these instructions so that if execution is not executed it could be rolled back. Morden processor makes use of branch predication and speculation execution of instruction to improve the performance of the
Scrutiny on Meltdown and Spectre_3
system. Spectre attack includes the victim of a process that will not occur during the execution of correct code. Due to this reason leakage of data take place via side channels. Side channel is the main reason due to which attackers are getting access to read the information in an unauthorized manner by destroying the confidentiality of the system. Increasing the speed of the system is achieved by executing the instruction in a speculative manner by guessing the direction of control flow (Hill and Lynn, 2010). Spectre attack occursdue to outbreak of JavaScript on the system or by attacking the native code.Spectre vulnerability does not permit an unauthorized user to access the privileged memory location. It allows the execution of the code in the victim procedure and allows reading of thedata that is not allowed. Spectre is based on branch predication algorithm and deals with leaking the data packets out of the process without any acknowledgment. Spectre exploration is useful in many ways like it helps the hackers by leaking the private data from the browser and also by leaking the user space modules to promote remote execution of the code (Subashini and Kavitha, 2011). It open the gateway for any dangerous attacks like the JavaScript used for development of website uses Spectre for revealing the sensitive information. Most of the attacks take place at the hardware level which are difficult to be tracked. Patches used by Spectre alleviates the flaws by changing or removing the software code. Caching is the other reason for speculative execution as this process is an underlying feature of hardware which allows attacker to steal the data packets. These feature were basically designed to safeguard the system from these flaws but they make the system slow hence degrades the performance.Meltdown is one of worst bug found in the CPU chip and is important to be resolved immediately. It permits the attacker to read the kernel as well as physical memory from any user process that is not unauthorized. It uses the concept of executing the instruction in an out
Scrutiny on Meltdown and Spectre_4

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Computer Security Assignment (Solved)
|16
|3997
|46

cyber Attack presentation 2022
|11
|796
|49

Information and Communication Technology Assignment
|9
|4236
|92

Computer Security - Assignment Sample
|14
|3627
|29

COIT 20246 Information and Communication Technology
|13
|4605
|108

The Meltdown and Spectre Assignment
|17
|4180
|48