pith. sign in

arxiv: 1907.03651 · v1 · pith:URNVVW7Nnew · submitted 2019-07-08 · 💻 cs.CR · cs.LG

FortuneTeller: Predicting Microarchitectural Attacks via Unsupervised Deep Learning

Berk Gulmezoglu , Ahmad Moghimi , Thomas Eisenbarth , Berk Sunar This is my paper

Pith reviewed 2026-05-25 01:06 UTC · model grok-4.3

classification 💻 cs.CR cs.LG
keywords microarchitectural attacksunsupervised learningrecurrent neural networkshardware performance countersanomaly detectionMeltdownSpectreRowhammer
0
0 comments X

The pith

A single RNN model trained only on benign hardware counter patterns detects multiple unseen microarchitectural attacks including Meltdown, Spectre, Rowhammer and Zombieload.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper introduces FortuneTeller, which trains a recurrent neural network unsupervised on ten million samples of hardware performance counters collected from normal applications running on Intel processors. The network learns to predict upcoming sequences of counter values that would occur under benign execution. Any sustained mismatch between these predictions and the actual observed counters at runtime is treated as evidence of an attack. This single model identifies several recent attacks without ever having seen attack traces during training and reports an F-score of 0.9970.

Core claim

FortuneTeller models benign workload pattern from a microarchitectural standpoint in an unsupervised fashion, and then predicts how upcoming benign executions are supposed to behave. Potential attacks and malicious behaviors are detected automatically when there is a discrepancy between the predicted execution pattern and the runtime observation. The approach is implemented using available hardware performance counters and succeeds on the latest attacks such as Meltdown, Spectre, Rowhammer and Zombieload with one trained model.

What carries the argument

Recurrent neural network predictor trained on sequences of hardware performance counters from benign applications; it captures short- and long-term dependencies to forecast normal counter behavior.

If this is right

  • One trained model covers multiple distinct attack families without requiring attack-specific retraining.
  • Detection works on real-world systems using only standard Intel hardware performance counters.
  • The unsupervised training phase uses only benign data, removing the need to collect attack samples in advance.
  • Reported detection performance reaches an F-score of 0.9970 across the tested attacks.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • The same prediction-discrepancy approach could be applied to other observable system signals such as power or thermal traces.
  • Deployment inside an operating-system kernel or hypervisor might allow continuous monitoring with low overhead.
  • If the learned normal patterns prove stable across processor generations, the model could reduce the frequency of security updates needed for new attack classes.

Load-bearing premise

That discrepancies between the RNN's predicted hardware counter patterns and observed runtime values reliably indicate malicious attacks rather than benign workload variations or other non-attack anomalies.

What would settle it

A controlled experiment in which the model is run on a broad collection of previously unseen benign workloads that vary in intensity and resource use, then checked for whether the false-positive rate exceeds practical thresholds or whether a new attack variant evades detection.

Figures

Figures reproduced from arXiv: 1907.03651 by Ahmad Moghimi, Berk Gulmezoglu, Berk Sunar, Thomas Eisenbarth.

Figure 1
Figure 1. Figure 1: RNN, LSTM, GRU cells B. Hardware Performance Counters (HPCs) Rowhammer DRAM cells have the possibility to leak charge over time. Rowhammer [19] triggers the leak by accessing neighboring rows repeatedly. This leads to bit flips, which enables adversaries with low access right to gain system privileges [48]. clflush instruction is also commonly used to increase repeated access to the DRAM by bypassing the c… view at source ↗
Figure 2
Figure 2. Figure 2: FortuneTellerimplementation IV. FortuneTeller A. Methodology Our conceptual design for FortuneTeller consists of two phases as shown in [PITH_FULL_IMAGE:figures/full_fig_p005_2.png] view at source ↗
Figure 3
Figure 3. Figure 3: Mean squared error rates for benign (blue) and attack (red) executions [PITH_FULL_IMAGE:figures/full_fig_p007_3.png] view at source ↗
Figure 4
Figure 4. Figure 4: Validation error with increasing number of measurements for Gnupg [PITH_FULL_IMAGE:figures/full_fig_p008_4.png] view at source ↗
Figure 5
Figure 5. Figure 5: Prediction error in Gnupg for LSTM algorithm [PITH_FULL_IMAGE:figures/full_fig_p008_5.png] view at source ↗
Figure 7
Figure 7. Figure 7: ROC curve for LSTM and GRU models in server scenario [PITH_FULL_IMAGE:figures/full_fig_p009_7.png] view at source ↗
Figure 8
Figure 8. Figure 8: Threshold vs. Decision Window for benign applications (gray) and [PITH_FULL_IMAGE:figures/full_fig_p009_8.png] view at source ↗
Figure 9
Figure 9. Figure 9: ROC curve for LSTM and GRU models in laptop scenario [PITH_FULL_IMAGE:figures/full_fig_p010_9.png] view at source ↗
read the original abstract

The growing security threat of microarchitectural attacks underlines the importance of robust security sensors and detection mechanisms at the hardware level. While there are studies on runtime detection of cache attacks, a generic model to consider the broad range of existing and future attacks is missing. Unfortunately, previous approaches only consider either a single attack variant, e.g. Prime+Probe, or specific victim applications such as cryptographic implementations. Furthermore, the state-of-the art anomaly detection methods are based on coarse-grained statistical models, which are not successful to detect anomalies in a large-scale real world systems. Thanks to the memory capability of advanced Recurrent Neural Networks (RNNs) algorithms, both short and long term dependencies can be learned more accurately. Therefore, we propose FortuneTeller, which for the first time leverages the superiority of RNNs to learn complex execution patterns and detects unseen microarchitectural attacks in real world systems. FortuneTeller models benign workload pattern from a microarchitectural standpoint in an unsupervised fashion, and then, it predicts how upcoming benign executions are supposed to behave. Potential attacks and malicious behaviors will be detected automatically, when there is a discrepancy between the predicted execution pattern and the runtime observation. We implement FortuneTeller based on the available hardware performance counters on Intel processors and it is trained with 10 million samples obtained from benign applications. For the first time, the latest attacks such as Meltdown, Spectre, Rowhammer and Zombieload are detected with one trained model and without observing these attacks during the training. We show that FortuneTeller achieves F-score of 0.9970.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 0 minor

Summary. The paper proposes FortuneTeller, an unsupervised RNN model trained exclusively on 10 million benign hardware performance counter samples from Intel processors. It predicts expected benign execution patterns and flags discrepancies as microarchitectural attacks (including unseen ones such as Meltdown, Spectre, Rowhammer, and Zombieload), claiming an F-score of 0.9970 with a single model.

Significance. If the central claim holds after proper validation, the work would be significant as the first generic, attack-agnostic detector for a broad range of microarchitectural attacks that does not require attack samples in training and improves on coarse statistical baselines via RNN memory of short- and long-term dependencies.

major comments (2)
  1. [Abstract] Abstract: the central claim that discrepancies between RNN-predicted and observed counter patterns reliably indicate attacks (including unseen ones) rather than benign workload variations rests on an untested generalization assumption; no results are supplied on held-out benign programs, varying inputs, or concurrent activity that could produce natural deviations exceeding the (unspecified) detection threshold.
  2. [Abstract] Abstract: the reported F-score of 0.9970 on unseen attacks is presented without any information on RNN architecture, training/validation splits, data collection/labeling procedure for the 10M samples, baseline comparisons, or false-positive behavior on benign runs, leaving the quantitative result unsupported by visible evidence.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for the constructive comments on the abstract. We address each point below and will revise the abstract to strengthen support for the claims.

read point-by-point responses

  1. Referee: [Abstract] Abstract: the central claim that discrepancies between RNN-predicted and observed counter patterns reliably indicate attacks (including unseen ones) rather than benign workload variations rests on an untested generalization assumption; no results are supplied on held-out benign programs, varying inputs, or concurrent activity that could produce natural deviations exceeding the (unspecified) detection threshold.

    Authors: We agree the abstract does not reference results on held-out benign programs. The full manuscript evaluates the model on diverse held-out benign workloads (including varying inputs and concurrent activity) to confirm that natural deviations do not exceed the detection threshold. We will revise the abstract to note this validation and the threshold determination process. revision: yes

  2. Referee: [Abstract] Abstract: the reported F-score of 0.9970 on unseen attacks is presented without any information on RNN architecture, training/validation splits, data collection/labeling procedure for the 10M samples, baseline comparisons, or false-positive behavior on benign runs, leaving the quantitative result unsupported by visible evidence.

    Authors: The abstract is space-constrained, but the manuscript details the LSTM RNN architecture, the unsupervised training on 10M unlabeled samples collected via perf counters from benign applications (no labeling required), training/validation procedures, statistical baseline comparisons, and low false-positive rates on benign runs. We will revise the abstract to include key supporting details such as model type and data collection method. revision: yes

Circularity Check

0 steps flagged

No significant circularity; standard unsupervised anomaly detection

full rationale

The paper trains an RNN exclusively on 10M benign hardware-counter samples to learn normal execution patterns, then flags discrepancies on new inputs (including unseen attacks) as malicious. This is a conventional anomaly-detection setup with no reduction of the detection rule to the training inputs by construction, no self-definitional loops, and no load-bearing self-citations or imported uniqueness theorems. The central claim remains independent of the fitted model parameters once training is complete.

Axiom & Free-Parameter Ledger

1 free parameters · 1 axioms · 0 invented entities

The claim rests on the domain assumption that hardware performance counters capture attack-induced deviations distinguishable by an RNN, plus the fitted neural network parameters learned from benign traces.

free parameters (1)
  • RNN model parameters
    Weights and biases fitted to the 10 million benign samples to enable sequence prediction.
axioms (1)
  • domain assumption Hardware performance counters on Intel processors provide sufficient signal to model and predict benign execution patterns for attack detection
    Invoked as the input representation for the unsupervised model.

pith-pipeline@v0.9.0 · 5828 in / 1153 out tokens · 26452 ms · 2026-05-25T01:06:59.723726+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Reference graph

Works this paper leans on

109 extracted references · 109 canonical work pages · 4 internal anchors

  1. [1]

    https://openbenchmarking.org/tests/pts

    Phoronix Test Suite Tests. https://openbenchmarking.org/tests/pts

    work page

  2. [2]

    Murray, Benoit Steiner, Paul Tucker, Vijay Vasudevan, Pete Warden, Martin Wicke, Yuan Yu, and Xiaoqiang Zheng

    Mart ´ın Abadi, Paul Barham, Jianmin Chen, Zhifeng Chen, Andy Davis, Jeffrey Dean, Matthieu Devin, Sanjay Ghemawat, Geoffrey Irving, Michael Isard, Manjunath Kudlur, Josh Levenberg, Rajat Monga, Sherry Moore, Derek G. Murray, Benoit Steiner, Paul Tucker, Vijay Vasudevan, Pete Warden, Martin Wicke, Yuan Yu, and Xiaoqiang Zheng. Ten- sorflow: A system for la...

    work page 2016

  3. [3]

    Hpc- toolkit: Tools for performance analysis of optimized parallel programs

    Laksono Adhianto, Sinchan Banerjee, Mike Fagan, Mark Krentel, Gabriel Marin, John Mellor-Crummey, and Nathan R Tallent. Hpc- toolkit: Tools for performance analysis of optimized parallel programs. Concurrency and Computation: Practice and Experience , 22(6):685– 701, 2010

    work page 2010

  4. [4]

    Bacelar Almeida, Manuel Barbosa, Jorge S

    J. Bacelar Almeida, Manuel Barbosa, Jorge S. Pinto, and Brbara Vieira. Formal verification of side-channel countermeasures using self- composition. Science of Computer Programming, 78(7):796 – 812, 2013

    work page 2013

  5. [5]

    Anvil: Software-based protection against next-generation rowhammer attacks

    Zelalem Birhanu Aweke, Salessawi Ferede Yitbarek, Rui Qiao, Reetu- parna Das, Matthew Hicks, Yossi Oren, and Todd Austin. Anvil: Software-based protection against next-generation rowhammer attacks. ACM SIGPLAN Notices , 51(4):743–755, 2016

    work page 2016

  6. [6]

    Hpc- malhunter: Behavioral malware detection using hardware performance counters and singular value decomposition

    Mohammad Bagher Bahador, Mahdi Abadi, and Asghar Tajoddin. Hpc- malhunter: Behavioral malware detection using hardware performance counters and singular value decomposition. In Computer and Knowledge Engineering (ICCKE), 2014 4th International eConference on , pages 703–708. IEEE, 2014

    work page 2014

  7. [7]

    Cacheshield: Detecting cache attacks through self-observation

    Samira Briongos, Gorka Irazoqui, Pedro Malag ´on, and Thomas Eisen- barth. Cacheshield: Detecting cache attacks through self-observation. In Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy , CODASPY ’18, pages 224–235, New York, NY , USA, 2018. ACM

    work page 2018

  8. [8]

    Fact: A flexible, constant- time programming language

    Sunjay Cauligi, Gary Soeller, Fraser Brown, Brian Johannesmeyer, Yunlu Huang, Ranjit Jhala, and Deian Stefan. Fact: A flexible, constant- time programming language. In IEEE Cybersecurity Development, SecDev 2017, Cambridge, MA, USA, September 24-26, 2017 , pages 69– 76, 2017

    work page 2017

  9. [9]

    Sgxpectre attacks: Leaking enclave secrets via speculative execution

    Guoxing Chen, Sanchuan Chen, Yuan Xiao, Yinqian Zhang, Zhiqiang Lin, and Ten H Lai. Sgxpectre attacks: Leaking enclave secrets via speculative execution. arXiv preprint arXiv:1802.09085 , 2018

    work page arXiv 2018

  10. [10]

    Real time detec- tion of cache-based side-channel attacks using hardware performance counters

    Marco Chiappetta, Erkay Savas, and Cemal Yilmaz. Real time detec- tion of cache-based side-channel attacks using hardware performance counters. Applied Soft Computing , 49:1162–1174, 2016

    work page 2016

  11. [11]

    State-of-the-art speech recognition with sequence-to-sequence models

    Chung-Cheng Chiu, Tara N Sainath, Yonghui Wu, Rohit Prabhavalkar, Patrick Nguyen, Zhifeng Chen, Anjuli Kannan, Ron J Weiss, Kanishka Rao, Ekaterina Gonina, et al. State-of-the-art speech recognition with sequence-to-sequence models. In 2018 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP) , pages 4774–

    work page 2018

  12. [12]

    Keras, 2015

    Franc ¸ois Chollet et al. Keras, 2015

    work page 2015

  13. [13]

    On the feasi- bility of online malware detection with performance counters

    John Demme, Matthew Maycock, Jared Schmitz, Adrian Tang, Adam Waksman, Simha Sethumadhavan, and Salvatore Stolfo. On the feasi- bility of online malware detection with performance counters. In ACM SIGARCH Computer Architecture News , volume 41, pages 559–570. ACM, 2013

    work page 2013

  14. [14]

    Deeplog: Anomaly detection and diagnosis from system logs through deep learn- ing

    Min Du, Feifei Li, Guineng Zheng, and Vivek Srikumar. Deeplog: Anomaly detection and diagnosis from system logs through deep learn- ing. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security , pages 1285–1298. ACM, 2017

    work page 2017

  15. [15]

    Jump over aslr: Attacking branch predictors to bypass aslr

    Dmitry Evtyushkin, Dmitry Ponomarev, and Nael Abu-Ghazaleh. Jump over aslr: Attacking branch predictors to bypass aslr. In The 49th Annual IEEE/ACM International Symposium on Microarchitecture, MICRO-49, pages 40:1–40:13, Piscataway, NJ, USA, 2016. IEEE Press

    work page 2016

  16. [16]

    A study of machine learning classifiers for anomaly-based mobile botnet detection

    Ali Feizollah, Nor Badrul Anuar, Rosli Salleh, Fairuz Amalina, Shaha- boddin Shamshirband, et al. A study of machine learning classifiers for anomaly-based mobile botnet detection. Malaysian Journal of Computer Science, 26(4):251–265, 2013. 13

    work page 2013

  17. [17]

    Kaslr is dead: long live kaslr

    Daniel Gruss, Moritz Lipp, Michael Schwarz, Richard Fellner, Cl´ementine Maurice, and Stefan Mangard. Kaslr is dead: long live kaslr. In International Symposium on Engineering Secure Software and Systems, pages 161–176. Springer, 2017

    work page 2017

  18. [18]

    Prefetch side-channel attacks: Bypassing smap and kernel aslr

    Daniel Gruss, Cl ´ementine Maurice, Anders Fogh, Moritz Lipp, and Stefan Mangard. Prefetch side-channel attacks: Bypassing smap and kernel aslr. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, CCS ’16, pages 368–379, New York, NY , USA, 2016. ACM

    work page 2016

  19. [19]

    Rowham- mer.js: A remote software-induced fault attack in javascript

    Daniel Gruss, Cl ´ementine Maurice, and Stefan Mangard. Rowham- mer.js: A remote software-induced fault attack in javascript. In Detection of Intrusions and Malware, and Vulnerability Assessment , pages 300–

    work page

  20. [20]

    Flush+flush: A fast and stealthy cache attack

    Daniel Gruss, Cl ´ementine Maurice, Klaus Wagner, and Stefan Mangard. Flush+flush: A fast and stealthy cache attack. In Juan Caballero, Urko Zurutuza, and Ricardo J. Rodr´ıguez, editors, Detection of Intrusions and Malware, and Vulnerability Assessment , pages 279–299, Cham, 2016. Springer International Publishing

    work page 2016

  21. [21]

    A faster and more realistic flush+ reload attack on aes

    Berk G ¨ulmezo˘glu, Mehmet Sinan Inci, Gorka Irazoqui, Thomas Eisen- barth, and Berk Sunar. A faster and more realistic flush+ reload attack on aes. In International Workshop on Constructive Side-Channel Analysis and Secure Design , pages 111–126. Springer, 2015

    work page 2015

  22. [22]

    Undermining user privacy on mobile devices using ai

    Berk Gulmezoglu, Andreas Zankl, Caner Tol, Saad Islam, Thomas Eisenbarth, and Berk Sunar. Undermining user privacy on mobile devices using ai. arXiv preprint arXiv:1811.11218 , 2018

    work page arXiv 2018

  23. [23]

    These are not your grand daddys cpu performance counters–cpu hardware performance counters for security

    N Herath and A Fogh. These are not your grand daddys cpu performance counters–cpu hardware performance counters for security. Black Hat Briefings, 2015

    work page 2015

  24. [24]

    Cache attacks enable bulk key recovery on the cloud

    Mehmet Sinan ˙Inci, Berk Gulmezoglu, Gorka Irazoqui, Thomas Eisen- barth, and Berk Sunar. Cache attacks enable bulk key recovery on the cloud. In Cryptographic Hardware and Embedded Systems – CHES 2016, pages 368–388, Berlin, Heidelberg, 2016. Springer

    work page 2016

  25. [25]

    Intel pcm, 2019

    Intel. Intel pcm, 2019. https://github.com/opcm/pcm. Last accessed 2019-02-15

    work page 2019

  26. [26]

    S$a: A shared cache attack that works across cores and defies vm sandboxing – and its application to aes

    Gorka Irazoqui, Thomas Eisenbarth, and Berk Sunar. S$a: A shared cache attack that works across cores and defies vm sandboxing – and its application to aes. In Proceedings of the 2015 IEEE Symposium on Security and Privacy , SP ’15, pages 591–604, Washington, DC, USA,

    work page 2015

  27. [28]

    S$a: A shared cache attack that works across cores and defies vm sandboxingand its application to aes

    Gorka Irazoqui, Thomas Eisenbarth, and Berk Sunar. S$a: A shared cache attack that works across cores and defies vm sandboxingand its application to aes. In Proceedings of the 2015 IEEE Symposium on Security and Privacy , SP ’15, pages 591–604, San Jose, CA, USA,

    work page 2015

  28. [29]

    IEEE Computer Society

    work page

  29. [30]

    Mascat: Stopping microarchitectural attacks before execution

    Gorka Irazoqui, Thomas Eisenbarth, and Berk Sunar. Mascat: Stopping microarchitectural attacks before execution. IACR Cryptology ePrint Archive, 2016:1196, 2016

    work page 2016

  30. [31]

    Wait a minute! a fast, cross-vm attack on aes

    Gorka Irazoqui, Mehmet Sinan Inci, Thomas Eisenbarth, and Berk Sunar. Wait a minute! a fast, cross-vm attack on aes. In Research in Attacks, Intrusions and Defenses , pages 299–319. Springer, 2014

    work page 2014

  31. [32]

    Breaking kernel address space layout randomization with intel tsx

    Yeongjin Jang, Sangho Lee, and Taesoo Kim. Breaking kernel address space layout randomization with intel tsx. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security , pages 380–392. ACM, 2016

    work page 2016

  32. [33]

    Spectre attacks: Exploiting speculative execution

    Paul Kocher, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Ham- burg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, and Yuval Yarom. Spectre attacks: Exploiting speculative execution. ArXiv e-prints, January 2018

    work page 2018

  33. [34]

    Armageddon: Cache attacks on mobile devices

    Moritz Lipp, Daniel Gruss, Raphael Spreitzer, Cl ´ementine Maurice, and Stefan Mangard. Armageddon: Cache attacks on mobile devices. In 25th USENIX Security Symposium (USENIX Security 16) , pages 549– 564, Austin, TX, 2016. USENIX Association

    work page 2016

  34. [35]

    Meltdown: Reading kernel memory from user space

    Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, and Mike Hamburg. Meltdown: Reading kernel memory from user space. In 27th USENIX Security Symposium (USENIX Security 18), Baltimore, MD, 2018. USENIX Association

    work page 2018

  35. [36]

    F. Liu, Q. Ge, Y . Yarom, F. Mckeen, C. Rozas, G. Heiser, and R. B. Lee. Catalyst: Defeating last-level cache side channel attacks in cloud computing. In 2016 IEEE International Symposium on High Performance Computer Architecture (HPCA) , pages 406–418, March 2016

    work page 2016

  36. [37]

    ret2spec: Speculative exe- cution using return stack buffers

    Giorgi Maisuradze and Christian Rossow. ret2spec: Speculative exe- cution using return stack buffers. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security , pages 2109–2122. ACM, 2018

    work page 2018

  37. [38]

    Are hardware performance counters a cost effective way for integrity checking of programs

    Corey Malone, Mohamed Zahran, and Ramesh Karri. Are hardware performance counters a cost effective way for integrity checking of programs. In Proceedings of the sixth ACM workshop on Scalable trusted computing, pages 71–76. ACM, 2011

    work page 2011

  38. [39]

    Reverse engineering intel last-level cache complex addressing using performance counters

    Cl ´ementine Maurice, Nicolas Le Scouarnec, Christoph Neumann, Olivier Heen, and Aur ´elien Francillon. Reverse engineering intel last-level cache complex addressing using performance counters. In International Workshop on Recent Advances in Intrusion Detection , pages 48–65. Springer, 2015

    work page 2015

  39. [40]

    Fast, lean, and accurate: Modeling password guessability using neural networks

    William Melicher, Blase Ur, Sean M Segreti, Saranga Komanduri, Lujo Bauer, Nicolas Christin, and Lorrie Faith Cranor. Fast, lean, and accurate: Modeling password guessability using neural networks. In USENIX Security Symposium , pages 175–191, 2016

    work page 2016

  40. [41]

    Fallout: Reading Kernel Writes From User Space

    Marina Minkin, Daniel Moghimi, Moritz Lipp, Michael Schwarz, Jo Van Bulck, Daniel Genkin, Daniel Gruss, Frank Piessens, Berk Sunar, and Yuval Yarom. Fallout: Reading kernel writes from user space. arXiv preprint arXiv:1905.12701, 2019

    work page internal anchor Pith review Pith/arXiv arXiv 1905

  41. [42]

    Memjam: A false dependency attack against constant-time crypto implementations in SGX

    Ahmad Moghimi, Thomas Eisenbarth, and Berk Sunar. Memjam: A false dependency attack against constant-time crypto implementations in SGX. In Topics in Cryptology - CT-RSA 2018 - The Cryptographers’ Track at the RSA Conference 2018, San Francisco, CA, USA, April 16- 20, 2018, Proceedings , pages 21–44, 2018

    work page 2018

  42. [43]

    Nights-watch: a cache- based side-channel intrusion detector using hardware performance coun- ters

    Maria Mushtaq, Ayaz Akram, Muhammad Khurram Bhatti, Maham Chaudhry, Vianney Lapotre, and Guy Gogniat. Nights-watch: a cache- based side-channel intrusion detector using hardware performance coun- ters. In Proceedings of the 7th International Workshop on Hardware and Architectural Support for Security and Privacy , page 1. ACM, 2018

    work page 2018

  43. [44]

    Kemerlis, Simha Sethumadhavan, and Ange- los D

    Yossef Oren, Vasileios P. Kemerlis, Simha Sethumadhavan, and Ange- los D. Keromytis. The spy in the sandbox: Practical cache attacks in javascript and their implications. In Proceedings of the 22Nd ACM SIGSAC Conference on Computer and Communications Security , CCS ’15, pages 1406–1418, New York, NY , USA, 2015. ACM

    work page 2015

  44. [45]

    Malware classification with recurrent networks

    Razvan Pascanu, Jack W Stokes, Hermineh Sanossian, Mady Marinescu, and Anil Thomas. Malware classification with recurrent networks. In Acoustics, Speech and Signal Processing (ICASSP), 2015 IEEE International Conference on , pages 1916–1920. IEEE, 2015

    work page 2015

  45. [46]

    Raccoon: Closing digital side-channels through obfuscated execution

    Ashay Rane, Calvin Lin, and Mohit Tiwari. Raccoon: Closing digital side-channels through obfuscated execution. In 24th USENIX Security Symposium (USENIX Security 15) , pages 431–446, Washington, D.C.,

    work page

  46. [47]

    Generic Black-Box End-to-End Attack Against State of the Art API Call Based Malware Classifiers

    Ishai Rosenberg, Asaf Shabtai, Lior Rokach, and Yuval Elovici. Generic black-box end-to-end attack against rnns and other api calls based malware classifiers. arXiv preprint arXiv:1707.05970 , 2017

    work page internal anchor Pith review Pith/arXiv arXiv 2017

  47. [48]

    Long Short-Term Memory Based Recurrent Neural Network Architectures for Large Vocabulary Speech Recognition

    Has ¸im Sak, Andrew Senior, and Franc ¸oise Beaufays. Long short- term memory based recurrent neural network architectures for large vocabulary speech recognition. arXiv preprint arXiv:1402.1128 , 2014

    work page internal anchor Pith review Pith/arXiv arXiv 2014

  48. [49]

    ZombieLoad: Cross-Privilege-Boundary Data Sampling

    Michael Schwarz, Moritz Lipp, Daniel Moghimi, Jo Van Bulck, Julian Stecklina, Thomas Prescher, and Daniel Gruss. Zombieload: Cross- privilege-boundary data sampling. arXiv preprint arXiv:1905.05726 , 2019

    work page internal anchor Pith review Pith/arXiv arXiv 1905

  49. [50]

    Exploiting the dram rowhammer bug to gain kernel privileges

    Mark Seaborn and Thomas Dullien. Exploiting the dram rowhammer bug to gain kernel privileges. Black Hat, 15, 2015

    work page 2015

  50. [51]

    andromaly: a behavioral malware detection framework for android devices

    Asaf Shabtai, Uri Kanonov, Yuval Elovici, Chanan Glezer, and Yael Weiss. andromaly: a behavioral malware detection framework for android devices. Journal of Intelligent Information Systems , 38(1):161– 190, 2012

    work page 2012

  51. [52]

    Tiresias: Predicting security events through deep learning

    Yun Shen, Enrico Mariconti, Pierre Antoine Vervier, and Gianluca Stringhini. Tiresias: Predicting security events through deep learning. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pages 592–605. ACM, 2018

    work page 2018

  52. [53]

    Recognizing functions in binaries with neural networks

    Eui Chul Richard Shin, Dawn Song, and Reza Moazzezi. Recognizing functions in binaries with neural networks. In USENIX Security Symposium, pages 611–626, 2015

    work page 2015

  53. [54]

    The brain is here and it is already inside your phone, 2014

    Steven Levy. The brain is here and it is already inside your phone, 2014. https://www.wired.com/2016/08/an-exclusive-look-at- how-ai-and-machine-learning-work-at-apple/. Last accessed 2019-02- 02

    work page 2014

  54. [55]

    Lstm neural networks for language modeling

    Martin Sundermeyer, Ralf Schl ¨uter, and Hermann Ney. Lstm neural networks for language modeling. In Thirteenth annual conference of the international speech communication association , 2012

    work page 2012

  55. [56]

    Adrian Tang, Simha Sethumadhavan, and SalvatoreJ. Stolfo. Unsuper- vised anomaly-based malware detection using hardware features. In 14 Research in Attacks, Intrusions and Defenses , volume 8688 of Lecture Notes in Computer Science , pages 109–129. Springer, 2014

    work page 2014

  56. [57]

    Efficient cache attacks on AES, and countermeasures

    Eran Tromer, Dag Arne Osvik, and Adi Shamir. Efficient cache attacks on AES, and countermeasures. Journal of Cryptology , 2010

    work page 2010

  57. [58]

    Foreshadow: Extracting the keys to the intel{SGX} kingdom with transient out-of-order execution

    Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F Wenisch, Yuval Yarom, and Raoul Strackx. Foreshadow: Extracting the keys to the intel{SGX} kingdom with transient out-of-order execution. In 27th {USENIX} Security Symposium ({USENIX} Security 18) , pages 991– 1008, 2018

    work page 2018

  58. [59]

    RIDL: Rogue in-flight data load

    Stephan van Schaik, Alyssa Milburn, Sebastian sterlund, Pietro Frigo, Giorgi Maisuradze, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida. RIDL: Rogue in-flight data load. In S&P, May 2019

    work page 2019

  59. [60]

    Numchecker: Detecting ker- nel control-flow modifying rootkits by using hardware performance counters

    Xueyang Wang and Ramesh Karri. Numchecker: Detecting ker- nel control-flow modifying rootkits by using hardware performance counters. In Design Automation Conference (DAC), 2013 50th ACM/EDAC/IEEE, pages 1–7. IEEE, 2013

    work page 2013

  60. [61]

    Confirm: Detecting firmware modifications in embedded systems using hardware performance counters

    Xueyang Wang, Charalambos Konstantinou, Michail Maniatakos, and Ramesh Karri. Confirm: Detecting firmware modifications in embedded systems using hardware performance counters. In Proceedings of the IEEE/ACM International Conference on Computer-Aided Design , pages 544–551. IEEE Press, 2015

    work page 2015

  61. [62]

    Data–differential address trace analysis: find- ing address-based side-channels in binaries

    Samuel Weiser, Andreas Zankl, Raphael Spreitzer, Katja Miller, Stefan Mangard, and Georg Sigl. Data–differential address trace analysis: find- ing address-based side-channels in binaries. In 27th USENIX Security Symposium (USENIX Security 18). USENIX Association, Baltimore, MD, pages 603–620, 2018

    work page 2018

  62. [63]

    Microwalk: A framework for finding side channels in binaries

    Jan Wichelmann, Ahmad Moghimi, Thomas Eisenbarth, and Berk Sunar. Microwalk: A framework for finding side channels in binaries. In Pro- ceedings of the 34th Annual Computer Security Applications Conference, pages 161–173. ACM, 2018

    work page 2018

  63. [64]

    Cfimon: Detecting violation of control flow integrity using performance counters

    Yubin Xia, Yutao Liu, Haibo Chen, and Binyu Zang. Cfimon: Detecting violation of control flow integrity using performance counters. In Dependable Systems and Networks (DSN), 2012 42nd Annual IEEE/IFIP International Conference on , pages 1–12. IEEE, 2012

    work page 2012

  64. [65]

    Recovering openssl ecdsa nonces using the flush+reload cache side-channel attack

    Yuval Yarom and Naomi Benger. Recovering openssl ecdsa nonces using the flush+reload cache side-channel attack. IACR Cryptology ePrint Archive, 2014:140, 2014

    work page 2014

  65. [66]

    Flush+reload: A high resolution, low noise, l3 cache side-channel attack

    Yuval Yarom and Katrina Falkner. Flush+reload: A high resolution, low noise, l3 cache side-channel attack. In 23rd USENIX Security Symposium (USENIX Security 14), pages 719–732, San Diego, CA, 2014. USENIX Association

    work page 2014

  66. [67]

    CacheBleed: a timing attack on OpenSSL constant-time RSA

    Yuval Yarom, Daniel Genkin, and Nadia Heninger. CacheBleed: a timing attack on OpenSSL constant-time RSA. Journal of Cryptographic Engineering, 7(2):99–112, 2017

    work page 2017

  67. [68]

    Security breaches as pmu deviation: detecting and identifying security attacks using performance counters

    Liwei Yuan, Weichao Xing, Haibo Chen, and Binyu Zang. Security breaches as pmu deviation: detecting and identifying security attacks using performance counters. In Proceedings of the Second Asia-Pacific Workshop on Systems, page 6. ACM, 2011

    work page 2011

  68. [69]

    Tianwei Zhang, Yinqian Zhang, and Ruby B. Lee. Cloudradar: A real- time side-channel attack detection system in clouds. In Fabian Mon- rose, Marc Dacier, Gregory Blanc, and Joaquin Garcia-Alfaro, editors, Research in Attacks, Intrusions, and Defenses: 19th International Sym- posium, RAID 2016, Paris, France, September 19-21, 2016, Proceedings, pages 118–1...

    work page 2016

  69. [70]

    Reiter, and Thomas Ristenpart

    Yinqian Zhang, Ari Juels, Michael K. Reiter, and Thomas Ristenpart. Cross-VM Side Channels and Their Use to Extract Private Keys. In Proceedings of the 2012 ACM Conference on Computer and Communi- cations Security, CCS ’12, pages 305–316, New York, NY , USA, 2012. ACM. IX. A PPENDIX A. Tables for Performance Counters and Benchmarks TABLE IV COUNTER SELECT...

    work page 2012

  70. [71]

    Aobench 41) Minion 1 81) Graphics 1 120) Apache 153) Aio-stress 165) Mbw 174) Websites 1) Flush+Flush

    work page

  71. [72]

    Botan 1 42) Minion 2 82) Graphics 2 121) Battery 154) Blogbench 1 166) Ram 1 175) Videos 2) Flush+Reload

    work page

  72. [73]

    Botan 2 43) Minion 3 83) Graphics 3 122) Compress 155) Blogbench 2 167) Ram 2 176) MySQL 3) Prime+Probe

    work page

  73. [74]

    Botan 3 44) Perl 1 84) Graphics 4 123) Git 156) Compile 168) Ram 3 177) Apache 4) Meltdown

    work page

  74. [75]

    Botan 4 45) Perl 2 85) Graphics 5 124) Hint 157) Dbench 169) Ram 4 178) Office 5) Spectre

    work page

  75. [76]

    Botan 5 46) Radiance 1 86) Graphics 6 125) Nginx 158) Fio 1 170) Ram 5 6) Rowhammer

    work page

  76. [77]

    Bullet 1 47) Radiance 2 87) Graphics 7 126) Optcarrot 159) Fio 2 171) Stream 7) Zombieload

    work page

  77. [78]

    Bullet 2 48) Scimark 1 88) Hpcg 127) Php 1 160) Iozone 172) T-test

    work page

  78. [79]

    Bullet 3 49) Scimark 2 89) Luajit 1 128) Php 2 161) Postmark 173) Tinymem

    work page

  79. [80]

    Bullet 4 50) Scimark 3 90) Luajit 2 129) Pybench 162) Sqlite

    work page

  80. [81]

    Bullet 5 51) Scimark 4 91) Luajit 3 130) Schbench 163) Tiobench

    work page

Showing first 80 references.