Title:

AutoMAD: Leveraging Large Language Models for Automated Microarchitectural Attack Discovery

Microarchitectural attacks exploit shared hardware resources, posing a significant threat to cloud computing—a multi-billion-dollar industry widely adopted for data management and workload processing. Additionally, while ARM processors are increasingly used in both desktop and server environments, they have not undergone the same security scrutiny as x86 systems. Despite their threat, there are no efficient and scalable methods for discovering these attacks. This work presents AutoMAD, an automated framework for discovering microarchitectural attacks on ARM systems. AutoMAD combines a Large Language Model (LLM) with a novel preprocessing algorithm to generate guided test code, addressing a key limitation in prior research. The generated code is executed on the target device while power is monitored. Using peak-to-peak current measurements as a reinforcement learning reward signal, AutoMAD iteratively refines its code generation to incentivise potential fault inducing code. The experiments conducted demonstrate that AutoMAD successfully discovers code sequences that induce large, rapid power oscillation. The top performing of which far exceeded those produced by benign workloads (tested using Stress, MLucas, and the SPEC2006 benchmark suite). These findings confirm that AutoMAD can effectively identify conditions conducive to fault injection attacks on ARM processors. As an open-source tool, AutoMAD provides a foundation for extending automated vulnerability discovery to other architectures and attack vectors. Its success highlights the potential of LLM-guided fuzzing as a scalable solution for securing next-generation hardware.

Name

Comment*

Comments are viewable only by submitter

Captcha*