Explore a 21-minute IEEE conference talk that delves into the security implications of automatic memory management. Discover how garbage collectors can be exploited as a shared resource to leak sensitive information at rates up to 1 byte/sec on modern computers. Learn about the construction of example attacks that demonstrate this vulnerability, including its potential for remote exploitation in datacenter environments. Gain insights into a novel design for automatic memory management that offers proven resilience against such timing-sensitive attacks. Presented by Mathias Vorreiter Pedersen from Aarhus University at the 2017 IEEE Symposium on Security & Privacy, this talk provides valuable knowledge for cybersecurity professionals and software developers concerned with information flow security in the context of memory management.
From Trash to Treasure - Timing-Sensitive Garbage Collection
Overview
Syllabus
From Trash to Treasure: Timing-Sensitive Garbage Collection
Taught by
IEEE Symposium on Security and Privacy
Tags
Related Courses
-
Practical Timing Side-Channel Attacks on Memory Compression
-
RIDL - Rogue In-Flight Data Load
-
Memory Management with MMTk - Lessons Learned from Replacing Ruby's Garbage Collector
-
PrivKV - Key Value Data Collection with Local Differential Privacy
-
Nom - A Byte-oriented, Streaming, Zero-copy Parser Combinators Library in Rust
-
How IoT Re-using Threatens Your Sensitive Data - Exploring the User-Data Disposal in Used IoT Devices
