Hardware Side Channels in Virtualized Environments

Explore hardware side channel vulnerabilities in virtualized environments through this closing keynote from the Hack In The Box Security Conference. Delve into the landscape of side channel vulnerabilities, examining types possible under different virtualization scenarios and the fundamental principles of side-channel attacks. Contrast these against specific exploitations in cloud-based environments. Examine the attack surface of common cloud-based hardware side channels, including shared hardware stacks between supposedly isolated hosts. Witness demonstrations of two separate attacks - one in the cache and a novel side channel across the pipeline - to illustrate the discussed theories. Review potential mitigations at hardware, hypervisor, and client software levels, and gain insights into the future of side channels in cloud computing. Learn from security researcher Sophia D'Antoine, who shares her expertise in malicious applications of hardware side channels in virtualized environments, drawing from her graduate research at Rensselaer Polytechnic Institute and her work with LLVM on automated analysis, obfuscation, and transformation of execution paths.

#HITB2016AMS CLOSING KEYNOTE - Hardware Side Channels in Virtualized Environments - Sophia D'Antoine