Sunday, March 7, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Intel proposes new SAPM memory type to protect against Spectre-like attacks

October 2, 2019
in Internet Security
Intel proposes new SAPM memory type to protect against Spectre-like attacks
586
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Intel published last week a research paper detailing a new type of computer memory that was specifically designed to safeguard against speculative execution side-channel attacks, such as Meltdown, Spectre, L1TF, SGXSpectre, SWAPGSAttack, Zombieload, MDS, and others.

Speculative execution side-channel attacks are vulnerabilities in how a processor handles speculative execution, a process through which CPUs run calculations in advance, and discard unnecessary data.

You might also like

Maza Russian cybercriminal forum suffers data breach

Okta and Auth0: A $6.5 billion bet that identity will warrant its own cloud

CISA issues emergency directive to agencies: Deal with Microsoft Exchange zero-days now

For many years, speculative execution has been viewed as one of the best ways to optimize CPUs and boost their performance. But since 2017, academics began finding cracks in the speculative execution process through which attackers could extract sensitive data that was being processed inside a CPU’s memory (cache).

Intel CPUs were the ones most affected by these issues, since the company heavily invested in boosting CPU performance through speculative execution. The CPU maker responded to these bugs by adding a series of hardware-based protections to its upcoming CPUs and releasing software-based fixes for older series.

Enter SAPM

But in a research paper published last week, Intel proposed SAPM — or Speculative-Access Protected Memory. This is a new memory type that Intel would want to replace the current CPU memory system.

SAPM is the work of Intel STORM (STrategic Offensive Research & Mitigations), a team of elite security researchers that Intel assembled since 2017 to work on creating mitigations for all the speculative-execution attacks that have impacted the CPU maker’s products.

SAPM is only an idea for the moment, and there are no silicon prototypes. Intel STORM engineers only released “the theory and possible implementation options,” to provide “a ground base for other researchers to improve upon and also for the industry to consider.”

They said they started working on SAPM as an alternative to the current hardware and software-level mitigations.

intel-mitigations.png

Intel STORM researchers say SAPM will implement protections at the hardware level and will work with both physical and virtual memory addresses.

“SAPM can be applied to specific memory ranges, with the attribute that any memory access to such memory type will be instruction-level serialized, meaning that any speculative execution beyond the SAPM-accessing instruction will be stopped pending the successful retirement of this SAPM-accessing instruction,” Intel STORM developers said in their short description of SAPM’s basic principles.

SAPM is future-proof

Researchers say their “proposal provides more flexibility to software” by moving most of the mechanism that prevents speculative execution attacks at the hardware level.

The idea is that most speculative execution side-channel attacks can be split into two parts: the “frontend” part of the exploit code, and its “backend.”

Intel STORM researchers say the second part (backend) of most speculative execution attacks performs the same actions. SAPM was designed to introduce hardware-based protections against the backend part of most attacks.

It’s because of this concept that Intel’s research team believes that SAPM will also future-proof the next generations of Intel CPUs against other — currently undiscovered — speculative execution attacks.

But the idea of introducing new mitigations will always raise questions about reducing CPU performance. Intel STORM researchers don’t deny that there’s a performance hit; however, this impact is low and could be mitigated further by dropping other existing protections.

“Although the performance cost for each memory access to SAPM is relatively big, considering such operations shall only be a very small portion of the total software execution, the overall performance overhead is expected to be low and potentially less than the performance impact of current mitigations,” researchers said.

The SAPM technical details are available here.

Credit: Zdnet

Previous Post

Is There a Difference Between Open Data and Public Data?

Next Post

The Next Big Customer Experience Opportunity

Related Posts

Maza Russian cybercriminal forum suffers data breach
Internet Security

Maza Russian cybercriminal forum suffers data breach

March 7, 2021
Okta and Auth0: A $6.5 billion bet that identity will warrant its own cloud
Internet Security

Okta and Auth0: A $6.5 billion bet that identity will warrant its own cloud

March 7, 2021
CISA issues emergency directive to agencies: Deal with Microsoft Exchange zero-days now
Internet Security

CISA issues emergency directive to agencies: Deal with Microsoft Exchange zero-days now

March 7, 2021
Linux distributions: All the talent and hard work that goes into building a good one
Internet Security

Linux distributions: All the talent and hard work that goes into building a good one

March 7, 2021
Check to see if you’re vulnerable to Microsoft Exchange Server zero-days using this tool
Internet Security

Check to see if you’re vulnerable to Microsoft Exchange Server zero-days using this tool

March 7, 2021
Next Post
The Next Big Customer Experience Opportunity

The Next Big Customer Experience Opportunity

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Machine Learning Market Expansion Projected to Gain an Uptick During 2021-2027
Machine Learning

Machine Learning Market Expansion Projected to Gain an Uptick During 2021-2027

March 7, 2021
Maza Russian cybercriminal forum suffers data breach
Internet Security

Maza Russian cybercriminal forum suffers data breach

March 7, 2021
Clinical presentation of COVID-19 – a model derived by a machine learning algorithm
Machine Learning

Clinical presentation of COVID-19 – a model derived by a machine learning algorithm

March 7, 2021
Okta and Auth0: A $6.5 billion bet that identity will warrant its own cloud
Internet Security

Okta and Auth0: A $6.5 billion bet that identity will warrant its own cloud

March 7, 2021
Researchers at Utrecht University Develop an Open-Source Machine Learning (ML) Framework Called ASReview to Help Researchers Carry Out Systematic Reviews
Machine Learning

Researchers at Utrecht University Develop an Open-Source Machine Learning (ML) Framework Called ASReview to Help Researchers Carry Out Systematic Reviews

March 7, 2021
CISA issues emergency directive to agencies: Deal with Microsoft Exchange zero-days now
Internet Security

CISA issues emergency directive to agencies: Deal with Microsoft Exchange zero-days now

March 7, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Machine Learning Market Expansion Projected to Gain an Uptick During 2021-2027 March 7, 2021
  • Maza Russian cybercriminal forum suffers data breach March 7, 2021
  • Clinical presentation of COVID-19 – a model derived by a machine learning algorithm March 7, 2021
  • Okta and Auth0: A $6.5 billion bet that identity will warrant its own cloud March 7, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates