The Code That Never Ran - Modeling Attacks on Speculative Evaluation

Offered By: IEEE via YouTube

Course Description

Overview

Explore a 17-minute IEEE conference talk that delves into modeling attacks on speculative evaluation. Gain insights into the Spectre attack and its exploitation of dynamic security checks, speculative evaluation, and cache timing. Discover a proposed pomset-based model designed to capture speculative evaluation, which is abstract enough to express known attacks like Spectre and Prime+Abort while verifying their countermeasures. Learn about the model's potential to predict new information flow attacks, including two novel attacks exploiting compiler optimizations. Understand how these attacks were experimentally validated against gcc and clang, and grasp the importance of formal modeling in identifying and mitigating security vulnerabilities in modern computer architectures.

Syllabus

The Code That Never Ran: Modeling Attacks on Speculative Evaluation

Taught by

IEEE Symposium on Security and Privacy

Related Courses

Computer Security
Stanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network

The Code That Never Ran - Modeling Attacks on Speculative Evaluation

Tags

Course Description

Overview

Syllabus

Taught by

Tags

Related Courses

The Code That Never Ran - Modeling Attacks on Speculative Evaluation

Tags

Course Description

Overview

Syllabus

Taught by

Tags

Related Courses

Login to Continue