Cyber Security Seminar by Claudio Canella MSc: Microarchitectural Side-Channel Attacks: From the Basics to Transient Execution Attacks

27 November 2018 12:00 till 12:45 - Location: FACULTY EEMCS-BUILDING 28, TURING COLLOQUIUMROOM 0.E420

Software-based side-channel attacks are a powerful tool, allowing an attacker to extract critical information without having physical access to the machine. A well-known example of this form of attack are transient execution attacks like Meltdown and Spectre, both of which exploit microarchitectural elements. Since their discovery, the field of transient execution attacks has gained in popularity, leading to a fast-growing field of new research with many new attack variants and a confusing naming scheme. This confusing naming scheme and the lack of a clear distinction between Meltdown and Spectre has arguably already led to the wrong classification of one such attack.

In this talk, we will present the basic idea behind software-based side-channels as the foundation of transient execution attacks. We will then give a clear distinction between Meltdown and Spectre before we discuss all currently known variants. We will also present two new versions of Meltdown-type attacks and five new mistraining strategies for known Spectre-type attacks.

About Claudio Canella MSc:
Claudio Canella is a PhD student at Graz University of Technology (Austria) where he is a member of the CoReSec group under the supervision of Daniel Gruss. His research focus is on microarchitectural attacks and how they can be automated.