YoVDO

Bypassing KPTI Using the Speculative Behavior of the SWAPGS Instruction

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Side Channel Attacks Courses Segmentation Courses Brute-Force Attacks Courses Speculative Execution Courses

Course Description

Overview

Explore a groundbreaking conference talk from Black Hat that delves into a new type of side-channel attack based on the speculative execution of the SWAPGS instruction within the OS kernel. Learn how this attack can bypass existing protective measures, including CPU microcode patches and kernel address space isolation. Discover the intricacies of sidechannel attacks, segmentation, and the research question that led to this discovery. Understand the brute force attack method employed and the special considerations involved in this exploit. Gain valuable insights from security researchers Andrei Lutas and Dan Lutas as they present their findings on circumventing KPTI using the speculative behavior of the SWAPGS instruction in this 49-minute presentation.

Syllabus

Introduction
Sidechannel Attacks
Segmentation
Research Question
Brute Force Attack
Special Considerations


Taught by

Black Hat

Related Courses

Hardware Security
University of Maryland, College Park via Coursera Cryptography and Information Theory
University of Colorado System via Coursera Introduction to Software Side Channels and Mitigations
Graz University of Technology via edX Side-Channel Security: Developing a Side-Channel Mindset
Graz University of Technology via edX Physical and Advanced Side-Channel Attacks
Graz University of Technology via edX