YoVDO

A Software Approach to Defeating Side Channels in Last-Level Caches

Offered By: Association for Computing Machinery (ACM) via YouTube

Tags

ACM CCS (Computer and Communications Security) Courses Cybersecurity Courses Cloud Computing Courses Side Channel Attacks Courses System Security Courses

Course Description

Overview

Explore a conference talk from CCS 2016 that delves into a software-based approach for mitigating side-channel attacks in last-level caches. Learn about the vulnerabilities of shared memory in cloud environments and the techniques used by attackers, such as Flush+Reload and Prime+Probe. Discover the innovative Copy-On-Access mechanism and its state transitions, as well as cacheability management strategies. Examine the security evaluations conducted for both Flush+Reload and Prime+Probe attacks, and understand the performance implications of the proposed solution on web servers and various operations. Gain insights into the challenges of memory sharing in PaaS cloud environments and the effectiveness of the CACHEBAR system in defending against cache-based side-channel attacks.

Syllabus

Intro
Side-Channel Attacks in Clouds
Secret-Dependent Memory Access Patterns
Flush+Reload Attack: Shared Memory
Prime+Probe in LLC: Collision in Cache Set
Copy-On-Access [Flush-Reload]
State Transitions: Copy-On-Access
Cacheability Management Prime-Probel
Size of Queue
Assemble CACHEBAR Page Fault Trap
Memory Sharing in Paas Cloud?
Security Evaluation: Flush+Reload
Security Evaluation: Prime+Probe
Performance Overhead: Web Servers Client: Autobench
Performance Overhead: Operations
Conclusion


Taught by

ACM CCS

Related Courses

Enterprise System Management and Security
University of Colorado System via Coursera
Ethical Hacking
Indian Institute of Technology, Kharagpur via Swayam
PHP: Complete Login and Registration System with PHP & MYSQL
Udemy
Learn Ethical Hacking From Scratch 2024
Udemy
Serie Windows Server Update Services (WSUS)
Udemy