Microarchitectural Attacks and Beyond
Host
Alin Tomescu
MIT
ABSTRACT
Microarchitectural Attacks recently got a lot of attention with the
publication of Meltdown and Spectre. In general, cache attacks have
gained in popularity in the academic community over the past two
decades. In this talk we will first discuss what architecture and
microarchitecture means. We will then discuss cache attacks as a prime
example of microarchitectural attacks, see how the work and how we can
leak data from other processes. Then we will turn to another example on
the software level where abstraction similarly enables a new form of
cache attacks. The software cache that we target is a common concept
implemented across various operating systems. By mounting a series of
attacks we can see that this hardware-agnostic kind of cache attack can
compete with state-of-the-art hardware cache attacks. Finally, we
discuss mitigations for Linux and Windows.
SPEAKER BIO
Daniel Gruss (@lavados) is an Assistant Professor at Graz University
of Technology. He finished his PhD with distinction in less than 3
years. He has been involved in teaching operating system undergraduate
courses since 2010. Daniel's research focuses on software-based
side-channel attacks that exploit timing differences in hardware and
operating systems. He implemented the first remote fault attack
running in a website, known as Rowhammer.js. He frequently speaks at
top international venues, such as Black Hat, Usenix Security, IEEE
S&P, ACM CCS, Chaos Communication Congress, and others. His research
team was one of the teams that found the Meltdown and Spectre bugs
published in early 2018.
Microarchitectural Attacks recently got a lot of attention with the
publication of Meltdown and Spectre. In general, cache attacks have
gained in popularity in the academic community over the past two
decades. In this talk we will first discuss what architecture and
microarchitecture means. We will then discuss cache attacks as a prime
example of microarchitectural attacks, see how the work and how we can
leak data from other processes. Then we will turn to another example on
the software level where abstraction similarly enables a new form of
cache attacks. The software cache that we target is a common concept
implemented across various operating systems. By mounting a series of
attacks we can see that this hardware-agnostic kind of cache attack can
compete with state-of-the-art hardware cache attacks. Finally, we
discuss mitigations for Linux and Windows.
SPEAKER BIO
Daniel Gruss (@lavados) is an Assistant Professor at Graz University
of Technology. He finished his PhD with distinction in less than 3
years. He has been involved in teaching operating system undergraduate
courses since 2010. Daniel's research focuses on software-based
side-channel attacks that exploit timing differences in hardware and
operating systems. He implemented the first remote fault attack
running in a website, known as Rowhammer.js. He frequently speaks at
top international venues, such as Black Hat, Usenix Security, IEEE
S&P, ACM CCS, Chaos Communication Congress, and others. His research
team was one of the teams that found the Meltdown and Spectre bugs
published in early 2018.