Malicious Management Unit - Why Stopping Cache Attacks in Software is Harder Than You Think
Offered By: USENIX via YouTube
Course Description
Overview
Explore a groundbreaking presentation from USENIX Security '18 that challenges existing software-based defenses against cache attacks. Delve into the concept of indirect cache attacks, focusing on the Malicious Management Unit (MMU) as a potential vector for bypassing current security measures. Learn about the vulnerabilities in cache access isolation techniques and the complexities of mitigating arbitrary cache attacks. Examine the PRIME + PROBE method, page coloring, XLATE attacks, page table walks, and translation caches. Investigate the challenges of building eviction sets, reliability concerns, and the effectiveness of current cache defenses. Gain valuable insights into why stopping cache attacks in software is more difficult than previously thought, and understand the implications for future security strategies in computer systems.
Syllabus
Intro
Motivation
PRIME + PROBE
Page coloring
XLATE attacks
Page table walks
Translation Caches
Shared Memory
Building Eviction Sets
Challenges
Reliability
Effectiveness
Cache Defenses
Conclusions
Taught by
USENIX
Related Courses
Pseudorandom Black Swans: Cache Attacks on CTR_DRBGTheIACR via YouTube When Good Turns Evil - Using Intel SGX to Stealthily Steal Bitcoins
Black Hat via YouTube Dragonblood - Analyzing the Dragonfly Handshake of WPA3 and EAP-pwd
IEEE via YouTube NetCAT - Practical Cache Attacks from the Network
IEEE via YouTube The 9 Lives of Bleichenbacher's CAT - New Cache Attacks on TLS Implementations
IEEE via YouTube