YoVDO

A Software Approach to Defeating Side Channels in Last-Level Caches

Offered By: Association for Computing Machinery (ACM) via YouTube

Tags

ACM CCS (Computer and Communications Security) Courses Cybersecurity Courses Cloud Computing Courses Side Channel Attacks Courses System Security Courses

Course Description

Overview

Explore a conference talk from CCS 2016 that delves into a software-based approach for mitigating side-channel attacks in last-level caches. Learn about the vulnerabilities of shared memory in cloud environments and the techniques used by attackers, such as Flush+Reload and Prime+Probe. Discover the innovative Copy-On-Access mechanism and its state transitions, as well as cacheability management strategies. Examine the security evaluations conducted for both Flush+Reload and Prime+Probe attacks, and understand the performance implications of the proposed solution on web servers and various operations. Gain insights into the challenges of memory sharing in PaaS cloud environments and the effectiveness of the CACHEBAR system in defending against cache-based side-channel attacks.

Syllabus

Intro
Side-Channel Attacks in Clouds
Secret-Dependent Memory Access Patterns
Flush+Reload Attack: Shared Memory
Prime+Probe in LLC: Collision in Cache Set
Copy-On-Access [Flush-Reload]
State Transitions: Copy-On-Access
Cacheability Management Prime-Probel
Size of Queue
Assemble CACHEBAR Page Fault Trap
Memory Sharing in Paas Cloud?
Security Evaluation: Flush+Reload
Security Evaluation: Prime+Probe
Performance Overhead: Web Servers Client: Autobench
Performance Overhead: Operations
Conclusion


Taught by

ACM CCS

Related Courses

A Hands-On Look at Amazon Q Business Expert
Amazon Web Services via AWS Skill Builder
À la découverte des télécommunications
Institut Mines-Télécom via France Université Numerique
A Tour of Google Cloud Sustainability
Google via Google Cloud Skills Boost
Intel® Telco Cloud Academy
Intel via Coursera
Accéder à Internet depuis Lambda dans un VPC (Français) | Accessing the Internet from Lambda in a VPC (French)
Amazon Web Services via AWS Skill Builder