Spectre Attack Detection: Cleaned Core Microarchitectural Counts (Intel & RPi, Background\u2011Labeled)

Spectre attacks exploit speculative execution to transiently access data past program-enforced bounds checks, leaving measurable microarchitectural footprints. Relatively little is known about how Spectre v1 manifests on recent ARM client cores. We present a side-by-side analysis of hardware performance counter (HPC) data for Spectre v1 (bounds check bypass) with a Flush+Reload channel on an Intel Core i7 and an ARM Cortex-A76 (Raspberry Pi 5), using a sliding-window temporal view to examine not only magnitude shifts but also the persistence of long deviations. Intel traces show sustained elevated levels across consecutive sliding windows in branch and cache miss metrics (stable plateaus above idle). In contrast, ARM traces remain mostly idle-like with brief, low-duty-cycle bursts that rapidly return to baseline. This distinction between persistence and burstiness-- visible even in the subset of events shared across both ISAs and sharpened by platform-specific counters\u2014indicates that pipeline depth, speculation resources, buffering, and counter visibility shape how identical attack semantics appear in HPC data, yielding distinct architectural signatures and cautioning against directly transferring Intel-calibrated static thresholds to ARM