Towards Reinforcement Learning for Exploration of Speculative Execution   Vulnerabilities

Evan Lai; Wenjie Xiong; Edward Suh; Mohit Tiwari; Mulong Luo

arXiv:2502.16756·cs.CR·April 4, 2025

Towards Reinforcement Learning for Exploration of Speculative Execution Vulnerabilities

Evan Lai, Wenjie Xiong, Edward Suh, Mohit Tiwari, Mulong Luo

PDF

Open Access

TL;DR

This paper introduces SpecRL, a reinforcement learning framework designed to automatically discover speculative execution vulnerabilities in microprocessors, addressing the manual complexity and hardware knowledge barriers in existing methods.

Contribution

The paper presents a novel reinforcement learning-based approach for detecting speculative execution leaks in black-box microprocessors, reducing manual effort and hardware expertise needed.

Findings

01

Successfully identifies speculative leaks using SpecRL

02

Reduces manual labor in vulnerability discovery

03

Demonstrates effectiveness on post-silicon processors

Abstract

Speculative attacks such as Spectre can leak secret information without being discovered by the operating system. Speculative execution vulnerabilities are finicky and deep in the sense that to exploit them, it requires intensive manual labor and intimate knowledge of the hardware. In this paper, we introduce SpecRL, a framework that utilizes reinforcement learning to find speculative execution leaks in post-silicon (black box) microprocessors.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsAdvanced Malware Detection Techniques · Adversarial Robustness in Machine Learning