A Software Approach to Defeating Side Channels in Last-Level Caches
Offered By: Association for Computing Machinery (ACM) via YouTube
Course Description
Overview
Explore a conference talk from CCS 2016 that delves into a software-based approach for mitigating side-channel attacks in last-level caches. Learn about the vulnerabilities of shared memory in cloud environments and the techniques used by attackers, such as Flush+Reload and Prime+Probe. Discover the innovative Copy-On-Access mechanism and its state transitions, as well as cacheability management strategies. Examine the security evaluations conducted for both Flush+Reload and Prime+Probe attacks, and understand the performance implications of the proposed solution on web servers and various operations. Gain insights into the challenges of memory sharing in PaaS cloud environments and the effectiveness of the CACHEBAR system in defending against cache-based side-channel attacks.
Syllabus
Intro
Side-Channel Attacks in Clouds
Secret-Dependent Memory Access Patterns
Flush+Reload Attack: Shared Memory
Prime+Probe in LLC: Collision in Cache Set
Copy-On-Access [Flush-Reload]
State Transitions: Copy-On-Access
Cacheability Management Prime-Probel
Size of Queue
Assemble CACHEBAR Page Fault Trap
Memory Sharing in Paas Cloud?
Security Evaluation: Flush+Reload
Security Evaluation: Prime+Probe
Performance Overhead: Web Servers Client: Autobench
Performance Overhead: Operations
Conclusion
Taught by
ACM CCS
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network