Overview
Explore a 21-minute IEEE conference talk that delves into the security implications of automatic memory management. Discover how garbage collectors can be exploited as a shared resource to leak sensitive information at rates up to 1 byte/sec on modern computers. Learn about the construction of example attacks that demonstrate this vulnerability, including its potential for remote exploitation in datacenter environments. Gain insights into a novel design for automatic memory management that offers proven resilience against such timing-sensitive attacks. Presented by Mathias Vorreiter Pedersen from Aarhus University at the 2017 IEEE Symposium on Security & Privacy, this talk provides valuable knowledge for cybersecurity professionals and software developers concerned with information flow security in the context of memory management.
Syllabus
From Trash to Treasure: Timing-Sensitive Garbage Collection
Taught by
IEEE Symposium on Security and Privacy