Hardware Side Channels in Virtualized Environments
Offered By: Hack In The Box Security Conference via YouTube
Course Description
Overview
Explore hardware side channel vulnerabilities in virtualized environments through this closing keynote from the Hack In The Box Security Conference. Delve into the landscape of side channel vulnerabilities, examining types possible under different virtualization scenarios and the fundamental principles of side-channel attacks. Contrast these against specific exploitations in cloud-based environments. Examine the attack surface of common cloud-based hardware side channels, including shared hardware stacks between supposedly isolated hosts. Witness demonstrations of two separate attacks - one in the cache and a novel side channel across the pipeline - to illustrate the discussed theories. Review potential mitigations at hardware, hypervisor, and client software levels, and gain insights into the future of side channels in cloud computing. Learn from security researcher Sophia D'Antoine, who shares her expertise in malicious applications of hardware side channels in virtualized environments, drawing from her graduate research at Rensselaer Polytechnic Institute and her work with LLVM on automated analysis, obfuscation, and transformation of execution paths.
Syllabus
#HITB2016AMS CLOSING KEYNOTE - Hardware Side Channels in Virtualized Environments - Sophia D'Antoine
Taught by
Hack In The Box Security Conference
Related Courses
Pseudorandom Black Swans: Cache Attacks on CTR_DRBGTheIACR via YouTube When Good Turns Evil - Using Intel SGX to Stealthily Steal Bitcoins
Black Hat via YouTube Dragonblood - Analyzing the Dragonfly Handshake of WPA3 and EAP-pwd
IEEE via YouTube NetCAT - Practical Cache Attacks from the Network
IEEE via YouTube The 9 Lives of Bleichenbacher's CAT - New Cache Attacks on TLS Implementations
IEEE via YouTube