A Software Approach to Defeating Side Channels in Last-Level Caches
Offered By: Association for Computing Machinery (ACM) via YouTube
Course Description
Overview
Explore a conference talk from CCS 2016 that delves into a software-based approach for mitigating side-channel attacks in last-level caches. Learn about the vulnerabilities of shared memory in cloud environments and the techniques used by attackers, such as Flush+Reload and Prime+Probe. Discover the innovative Copy-On-Access mechanism and its state transitions, as well as cacheability management strategies. Examine the security evaluations conducted for both Flush+Reload and Prime+Probe attacks, and understand the performance implications of the proposed solution on web servers and various operations. Gain insights into the challenges of memory sharing in PaaS cloud environments and the effectiveness of the CACHEBAR system in defending against cache-based side-channel attacks.
Syllabus
Intro
Side-Channel Attacks in Clouds
Secret-Dependent Memory Access Patterns
Flush+Reload Attack: Shared Memory
Prime+Probe in LLC: Collision in Cache Set
Copy-On-Access [Flush-Reload]
State Transitions: Copy-On-Access
Cacheability Management Prime-Probel
Size of Queue
Assemble CACHEBAR Page Fault Trap
Memory Sharing in Paas Cloud?
Security Evaluation: Flush+Reload
Security Evaluation: Prime+Probe
Performance Overhead: Web Servers Client: Autobench
Performance Overhead: Operations
Conclusion
Taught by
ACM CCS
Related Courses
A Hands-On Look at Amazon Q Business ExpertAmazon Web Services via AWS Skill Builder À la découverte des télécommunications
Institut Mines-Télécom via France Université Numerique A Tour of Google Cloud Sustainability
Google via Google Cloud Skills Boost Intel® Telco Cloud Academy
Intel via Coursera Accéder à Internet depuis Lambda dans un VPC (Français) | Accessing the Internet from Lambda in a VPC (French)
Amazon Web Services via AWS Skill Builder