{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,31]],"date-time":"2026-03-31T08:17:59Z","timestamp":1774945079700,"version":"3.50.1"},"reference-count":37,"publisher":"World Scientific Pub Co Pte Ltd","issue":"03","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["J CIRCUIT SYST COMP"],"published-print":{"date-parts":[[2024,2]]},"abstract":"<jats:p> As the basic and core component of electronic systems, CPU security is extremely important to network security. Even an unremarkable faulty instruction on the CPU may lead to serious security problems, such as the operating system crashes or privilege increase since it is often considered as a trusted black box. Therefore, CPU instruction detection is particularly crucial to CPU security. However, most existing methods of CPU instruction detection, based on the inconsistency of microarchitecture and instruction set design, suffer from slow speed and low accuracy. Our work is motivated to propose a practical framework for searching CPU undocumented instruction with fast speed and high accuracy. In this paper, we put forward a general framework InsFinder to detect undocumented instruction on CISC and RISC CPU by an efficient and accurate fuzzing method. It makes use of the instruction format to make advanced predictions, which greatly reduces the search space. Moreover, by introducing classification, de-redundancy, and verification, InsFinder greatly improves the detection accuracy. Experiments show that compared with the existing methods, InsFinder is more effective which costs at least 50% less processing time in detecting undocumented instructions on x86-64, ARM64, and RISC-V, and more accurate which divided the detection results into 4 categories. After filtering, the detection results were reduced from millions to less than 10,000. <\/jats:p>","DOI":"10.1142\/s0218126624500476","type":"journal-article","created":{"date-parts":[[2023,7,20]],"date-time":"2023-07-20T03:46:06Z","timestamp":1689824766000},"source":"Crossref","is-referenced-by-count":2,"title":["Ins Finder: A Practical CPU Undocumented Instruction Detection Framework"],"prefix":"10.1142","volume":"33","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-1539-0024","authenticated-orcid":false,"given":"Renhai","family":"Dong","sequence":"first","affiliation":[{"name":"School of Computer Science, (National Pilot Software Engineering School), Beijing University of Posts and Telecommunications, Beijing 100876, P. R. China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Baojiang","family":"Cui","sequence":"additional","affiliation":[{"name":"School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, P. R. China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1427-8682","authenticated-orcid":false,"given":"Yi","family":"Sun","sequence":"additional","affiliation":[{"name":"School of Computer Science, (National Pilot Software Engineering School), Beijing University of Posts and Telecommunications, Beijing 100876, P. R. China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jun","family":"Yang","sequence":"additional","affiliation":[{"name":"School of Computer Science, (National Pilot Software Engineering School), Beijing University of Posts and Telecommunications, Beijing 100876, P. R. China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"219","published-online":{"date-parts":[[2023,8,17]]},"reference":[{"key":"S0218126624500476BIB001","doi-asserted-by":"publisher","DOI":"10.1109\/MNET.003.2100672"},{"key":"S0218126624500476BIB002","doi-asserted-by":"publisher","DOI":"10.1016\/j.dcan.2022.08.002"},{"key":"S0218126624500476BIB003","doi-asserted-by":"publisher","DOI":"10.1109\/TAES.2022.3199191"},{"key":"S0218126624500476BIB004","doi-asserted-by":"publisher","DOI":"10.1109\/TMC.2022.3179254"},{"key":"S0218126624500476BIB005","doi-asserted-by":"publisher","DOI":"10.1109\/TNSM.2022.3202741"},{"key":"S0218126624500476BIB006","doi-asserted-by":"publisher","DOI":"10.1109\/LNET.2023.3237261"},{"key":"S0218126624500476BIB007","first-page":"1","author":"Zhou Z.","year":"2022","journal-title":"IEEE Trans. Netw. Sci. Eng."},{"key":"S0218126624500476BIB008","first-page":"1","author":"Zhou Z.","year":"2022","journal-title":"IEEE Trans. Depend. Secur. Comput."},{"key":"S0218126624500476BIB009","doi-asserted-by":"publisher","DOI":"10.1109\/TAES.2022.3192804"},{"key":"S0218126624500476BIB010","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2022.3186891"},{"key":"S0218126624500476BIB011","doi-asserted-by":"publisher","DOI":"10.1109\/TGCN.2021.3062972"},{"key":"S0218126624500476BIB012","author":"Ju Y.","year":"2023","journal-title":"ACM Trans. Sens. Netw."},{"key":"S0218126624500476BIB013","doi-asserted-by":"publisher","DOI":"10.1109\/TWC.2022.3188302"},{"key":"S0218126624500476BIB014","doi-asserted-by":"publisher","DOI":"10.1109\/TVT.2022.3189699"},{"key":"S0218126624500476BIB015","doi-asserted-by":"publisher","DOI":"10.1016\/j.cities.2022.103971"},{"key":"S0218126624500476BIB016","doi-asserted-by":"publisher","DOI":"10.1109\/40.372360"},{"key":"S0218126624500476BIB017","author":"Dobbs","year":"1998","journal-title":"Dr Dobbs J."},{"key":"S0218126624500476BIB018","first-page":"80","volume-title":"Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC 2007)","author":"Ac\u0131i\u00e7mez O."},{"key":"S0218126624500476BIB019","first-page":"473","volume-title":"2006 22nd Annual Computer Security Applications Conf. (ACSAC\u201906)","author":"Wang Z."},{"key":"S0218126624500476BIB020","first-page":"623","volume-title":"2015 IEEE Symp. Security and Privacy","author":"Andrysco M."},{"key":"S0218126624500476BIB021","volume-title":"Cryptographers\u2019 Track at the RSA Conf.","author":"Ac\u0131i\u00e7mez O.","year":"2007"},{"key":"S0218126624500476BIB022","first-page":"557","volume-title":"26th USENIX Security Symp. (USENIX Security 17)","author":"Lee S.","year":"2017"},{"key":"S0218126624500476BIB023","first-page":"870","volume-title":"2019 IEEE Symp. Security and Privacy (SP)","author":"Aldaya A. C."},{"key":"S0218126624500476BIB024","first-page":"1","volume-title":"2019 IEEE Symp. Security and Privacy (SP)","author":"Kocher P."},{"key":"S0218126624500476BIB025","first-page":"973","volume-title":"27th USENIX Security Symp. (USENIX Security 18)","author":"Lipp M.","year":"2018"},{"key":"S0218126624500476BIB026","first-page":"991","volume-title":"27th USENIX Security Symp. (USENIX Security 18)","author":"Van Bulck J.","year":"2018"},{"key":"S0218126624500476BIB027","first-page":"88","volume-title":"2019 IEEE Symp. Security and Privacy (SP)","author":"Van Schaik S."},{"key":"S0218126624500476BIB029","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2019.2946444"},{"key":"S0218126624500476BIB030","first-page":"306","volume-title":"2020 50th Annual IEEE\/IFIP Int. Conf. Dependable Systems and Networks (DSN)","author":"Dofferhoff R."},{"key":"S0218126624500476BIB031","doi-asserted-by":"publisher","DOI":"10.1145\/3458903.3458906"},{"key":"S0218126624500476BIB038","first-page":"41","volume-title":"USENIX Annual Technical Conf. FREENIX Track","author":"Bellard F.","year":"2005"},{"key":"S0218126624500476BIB040","first-page":"971","volume-title":"31st USENIX Security Symposium (USENIX Security 22)","author":"Barberis E.","year":"2022"},{"key":"S0218126624500476BIB041","first-page":"3825","volume-title":"31st USENIX Security Symp. (USENIX Security 22)","author":"Wikner J.","year":"2022"},{"key":"S0218126624500476BIB042","first-page":"1427","volume-title":"Proc. 29th USENIX Security Symp.","author":"Moghimi D.","year":"2020"},{"key":"S0218126624500476BIB044","first-page":"1481","volume-title":"Proc. 29th USENIX Conf. Security Symp.","author":"Oleksenko O.","year":"2020"},{"key":"S0218126624500476BIB045","doi-asserted-by":"publisher","DOI":"10.1145\/3503222.3507729"},{"key":"S0218126624500476BIB046","first-page":"1868","volume-title":"2021 IEEE Symp. Security and Privacy (SP)","author":"Guarnieri M."}],"container-title":["Journal of Circuits, Systems and Computers"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.worldscientific.com\/doi\/pdf\/10.1142\/S0218126624500476","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,8]],"date-time":"2024-03-08T07:44:23Z","timestamp":1709883863000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.worldscientific.com\/doi\/10.1142\/S0218126624500476"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,8,17]]},"references-count":37,"journal-issue":{"issue":"03","published-print":{"date-parts":[[2024,2]]}},"alternative-id":["10.1142\/S0218126624500476"],"URL":"https:\/\/doi.org\/10.1142\/s0218126624500476","relation":{},"ISSN":["0218-1266","1793-6454"],"issn-type":[{"value":"0218-1266","type":"print"},{"value":"1793-6454","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,8,17]]},"article-number":"2450047"}}