YoVDO

Malicious Management Unit - Why Stopping Cache Attacks in Software is Harder Than You Think

Offered By: USENIX via YouTube

Tags

USENIX Security Courses Cybersecurity Courses Software Security Courses Cache Attacks Courses

Course Description

Overview

Explore a groundbreaking presentation from USENIX Security '18 that challenges existing software-based defenses against cache attacks. Delve into the concept of indirect cache attacks, focusing on the Malicious Management Unit (MMU) as a potential vector for bypassing current security measures. Learn about the vulnerabilities in cache access isolation techniques and the complexities of mitigating arbitrary cache attacks. Examine the PRIME + PROBE method, page coloring, XLATE attacks, page table walks, and translation caches. Investigate the challenges of building eviction sets, reliability concerns, and the effectiveness of current cache defenses. Gain valuable insights into why stopping cache attacks in software is more difficult than previously thought, and understand the implications for future security strategies in computer systems.

Syllabus

Intro
Motivation
PRIME + PROBE
Page coloring
XLATE attacks
Page table walks
Translation Caches
Shared Memory
Building Eviction Sets
Challenges
Reliability
Effectiveness
Cache Defenses
Conclusions


Taught by

USENIX

Related Courses

Pseudorandom Black Swans: Cache Attacks on CTR_DRBG
TheIACR via YouTube
When Good Turns Evil - Using Intel SGX to Stealthily Steal Bitcoins
Black Hat via YouTube
Dragonblood - Analyzing the Dragonfly Handshake of WPA3 and EAP-pwd
IEEE via YouTube
NetCAT - Practical Cache Attacks from the Network
IEEE via YouTube
The 9 Lives of Bleichenbacher's CAT - New Cache Attacks on TLS Implementations
IEEE via YouTube