• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.6
• /
• pp.1365-1373
• /
• 2019

Meltdown and Spectre are vulnerabilities that exploit out-of-order execution and speculative execution techniques to read memory regions that are not accessible with user privileges. OS patches were released to prevent this attack, but older systems without appropriate patches are still vulnerable. Currently, there are some research to detect Meltdown and Spectre attacks, but most of them proposed dynamic analysis methods. Therefore, this paper proposes a binary signature that can be used to detect Meltdown and Spectre malware without executing them. For this, we collected 13 malicious codes from GitHub and performed binary pattern analysis. Based on this, we proposed a static detection method for Meltdown and Spectre malware. Our results showed that the method identified all the 19 attack files with 0.94% false positive rate when applied to 2,317 normal files.

• Journal of Convergence for Information Technology
• /
• v.8 no.6
• /
• pp.209-215
• /
• 2018

In this paper, we propose a method to detect and block Meltdown malicious code which is increasing rapidly using dynamic sandbox tool. Although some patches are available for the vulnerability of Meltdown attack, patches are not applied intentionally due to the performance degradation of the system. Therefore, we propose a method to overcome the limitation of existing signature detection method by using machine learning method for infrastructures without active patches. First, to understand the principle of meltdown, we analyze operating system driving methods such as virtual memory, memory privilege check, pipelining and guessing execution, and CPU cache. And then, we extracted data by using Linux strace tool for detecting Meltdown malware. Finally, we implemented a decision tree based dynamic detection mechanism to identify the meltdown malicious code efficiently.

• Review of KIISC
• /
• v.30 no.1
• /
• pp.55-60
• /
• 2020

2018년 1월, Meltdown, Spectre와 같은 마이크로아키텍처의 취약점을 이용하는 부채널 공격이 등장하면서 전 세계적으로 부채널 공격에 관한 관심이 증가하였다. 또한, 소모 전력 분석, 전파 분석 등 전통적 부채널 공격과는 달리 캐시의 상태변화를 이용하는 공격인 캐시 부채널 공격이 Meltdown, Spectre에 이용되면서 이에 관한 다양한 연구가 진행되고 있다. 이러한 유형의 공격은 완벽하게 방어할 수 있는 대응 패치가 존재하지 않고 일부 공격에 대응할 수 있는 대응 패치도 모든 시스템에 적용할 수 없은 경우가 많으므로 완벽한 대응이 매우 힘든 실정이다. 특히 캐시 부채널 공격을 이용하여 SGX와 같은 TEE(Trusted Execution Environment)를 공격할 수 있다는 것이 드러나면서 TEE를 공격하기 위한 다양한 공격 도구로 이용되고 있다. 본 논문에서는 Meltdown과 Spectre 및 다양한 캐시 부채널 공격에 대한 동향을 살펴보고자 한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2019.10a
• /
• pp.384-387
• /
• 2019

2018년 Meltdown 공격이 발표된 이후 Foreshadow, ZombieLoad 등 다양한 종류의 마이크로아키텍처 기반 부 채널 공격과 방어 기법들이 발표되었다. 그중 Meltdown 공격을 원천 차단할 수 있는 KPTI (Kernel Page Table Isolation)는 커널 영역을 사용자 메모리 영역과 분리하여 커널 정보의 유출을 방어할 수 있으나, 최대 46%의 시스템 성능 저하를 가져온다. 본 연구는 런타임에 시스템콜 발생빈도를 분석하여 낮은 오버헤드로 Meltdown-type 공격을 탐지하고, 방어하는 프로그램을 개발하고 실험하였다. 개발한 Fault Monitoring Tool은 기존 시스템 대비 적은 오버헤드(최대 7%)로 악의적인 사용자를 구분해 내고 방어할 수 있었다.

• Nuclear Engineering and Technology
• /
• v.17 no.1
• /
• pp.53-67
• /
• 1985

The severe core meltdown accident, which is not included as a design basis accident, has high consequence and low probability of occurrence and turns out to be a major risk factor in the overall risk assessment. The physical mechanisms of containment failure in core meltdown accidents are identified as steam explosion, debris bed coolability, hydrogen burning, steam spike and concrete interaction. The state of technology review is made for each subtopic about the previous and current researches for better understanding of the phenomenon.

• Polymer(Korea)
• /
• v.34 no.6
• /
• pp.517-521
• /
• 2010

Microprous polyethylene (PE) membranes are widely used as lithium-ion battery separators. A separator having higher meltdown temperature than PE separator is still required for useful safety feature at a high temperature. To enhance meltdown temperature of PE separator, it was coated with polymers synthesized from bis-GMA derivatives by radical polymerization. Polymer was not formed when bis-GMA monomer having a high viscosity was used, while polymers were formed when bis-GMA derivatives having a low viscosity were used. When the separator was coated with polymer synthesized from reaction mixture containing proper amount of bis-GMA derivative, its meltdown temperature were increased up to $160^{\circ}C$ without reduction in the air permeability.

• Nuclear Engineering and Technology
• /
• v.51 no.8
• /
• pp.1916-1938
• /
• 2019

The objective of this paper is to discuss the modeling principles of phenomena governing core degradation/melting and in-vessel melt relocation during severe accidents in light water reactors. The proposed modeling approach has been applied in the development of a new accident simulation package, COMPASS (COre Meltdown Progression Accident Simulation Software). COMPASS can be used either as a stand-alone tool to simulate in-vessel meltdown progression up to and including RPV failure, or as a component of an integrated simulation package being developed in Korea for the APR1400 reactor. Interestingly, since the emphasis in the development of COMPASS modeling framework has been on capturing generic mechanistic aspects of accident progression in light water reactors, several parts of the overall model should be useful for future accident studies of other reactor designs, both PWRs and BWRs. The issues discussed in the paper include the overall structure of the model, the rationale behind the formulation of the governing equations and the associated simplifying assumptions, as well as the methodology used to verify both the physical and numerical consistencies of the overall solver. Furthermore, the results of COMPASS validation against two experimental data sets (CORA and PHEBUS) are shown, as well as of the predicted accident progression at TMI-2 reactor.

• Proceedings of the Korean Nuclear Society Conference
• /
• 2005.05a
• /
• pp.61-62
• /
• 2005

• Proceedings of the Korean Nuclear Society Conference
• /
• 2001.05a
• /
• pp.202-202
• /
• 2001

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1031-1041
• /
• 2020

Cloud computing technology plays an important role in the deep learning industry as deep learning services are deployed frequently on top of cloud infrastructures. In such cloud environment, virtualization technology provides logically independent and isolated computing space for each tenant. However, recent studies demonstrate that by leveraging vulnerabilities of virtualization techniques and shared processor architectures in the cloud system, various side-channels can be established between cloud tenants. In this paper, we propose a novel attack scenario that can steal internal information of deep learning models by exploiting the Meltdown vulnerability in a multi-tenant system environment. On the basis of our experiment, the proposed attack method could extract internal information of a TensorFlow deep-learning service with 92.875% accuracy and 1.325kB/s extraction speed.