Janus: Compiler-Based Defense Against Transient Execution Attacks Using ARM Hardware Primitives
Ciyan Ouyang, Peinan Li, Yubiao Huang, Dan Meng, Rui Hou

TL;DR
Janus is a compiler-based framework that hardens ARM64 against transient execution attacks such as Spectre by integrating microarchitectural features, while keeping performance overhead minimal.
Contribution
It introduces a novel compiler-based approach that combines speculative execution mitigation with existing control-flow integrity on ARM64 platforms.
Findings
Average performance overhead of 3.85% on SPEC CPU2017
Real-world application overheads range from 2.97% to 7.80%
Effective mitigation of Spectre and control-flow hijacking attacks
Abstract
We present Janus, a compiler-based security framework that mitigates transient execution attacks like Spectre and control-flow hijacking on ARM64 platforms. Janus integrates speculative execution and control flow dependencies with PA modifiers, using PA and BTI microarchitectural features to prevent control-flow speculation attacks and secure both control flow and speculative execution through existing control-flow integrity mechanisms. To optimize performance, Janus minimizes overhead by merging defense operations across different defense layers (modifier fusion) and reusing registers of protected variables (carrier reuse), while maintaining strong security guarantees. Evaluation on SPEC CPU2017 shows an average performance overhead of 3.85%, with real-world applications exhibiting overheads ranging from 2.97% to 7.80%. Janus offers effective speculative…
