AISELF: An LLM-based Automated Interleaved Speculative-Execution Leakage Detection Framework
摘要
Modern high-performance processors rely on speculative execution to improve throughput, but this optimization has enabled microarchitectural side-channel attacks that can leak sensitive information, including cryptographic keys and confidential data. Although mitigations such as Indirect Branch Restricted Speculation (IBRS), Retpoline, and microcode updates have reduced exposure to classical Spectre (v1–v3) and Meltdown-style attacks, recent work has highlighted interleaved speculative-execution attacks in which malicious gadgets are injected at extremely low duty cycles into otherwise normal execution. The intermittent nature of such interleaving significantly degrades the sensitivity of Performance Monitoring Counter (PMC)-based detectors that rely on magnitude thresholds or short-window aggregate statistics, thereby complicating reliable detection. We present AISELF, an automated framework for detecting interleaved speculative-execution behaviour using PMC. Building on our prior feasibility study on PMC-based detection for known speculative-execution attacks, AISELF combines LLM-driven automation with statistically principled anomaly testing. Given the user’s workload and system configuration, AISELF recommends a ranked top-