Tick Tock - Building Browser Red Pills from Timing Side Channels
Offered By: USENIX via YouTube
Course Description
Overview
Explore a 20-minute conference talk from USENIX WOOT '14 that delves into the concept of browser-based red pills. Learn how these Javascript-implemented tools can detect if a browser is running inside a virtual machine, potentially impacting the effectiveness of Web malware scanners. Discover multiple robust browser red pills that work across various browser platforms and emulation technologies. Gain insights into how these red pills can be used by digital rights management systems and malware authors. Examine the implications for Web scanners that rely on emulated environments to detect drive-by downloads and other malicious content. Consider potential mitigation strategies that Web scanners can employ to counter these red pills. Presented by researchers from Stanford University and Google, this talk offers a deep dive into timing side channels and their applications in browser security.
Syllabus
WOOT '14 - Tick Tock: Building Browser Red Pills from Timing Side Channels
Taught by
USENIX
Related Courses
AFL++ - Combining Incremental Steps of Fuzzing ResearchUSENIX via YouTube Unearthing the TrustedCore - A Critical Review on Huawei’s Trusted Execution Environment
USENIX via YouTube Cloning Credit Cards - A Combined Pre-play and Downgrade Attack on EMV Contactless
USENIX via YouTube Zippier ZMap - Internet-Wide Scanning at 10 Gbps
USENIX via YouTube Green Lights Forever - Analyzing the Security of Traffic Infrastructure
USENIX via YouTube