Explore hardware side channel vulnerabilities in virtualized environments through this closing keynote from the Hack In The Box Security Conference. Delve into the landscape of side channel vulnerabilities, examining types possible under different virtualization scenarios and the fundamental principles of side-channel attacks. Contrast these against specific exploitations in cloud-based environments. Examine the attack surface of common cloud-based hardware side channels, including shared hardware stacks between supposedly isolated hosts. Witness demonstrations of two separate attacks - one in the cache and a novel side channel across the pipeline - to illustrate the discussed theories. Review potential mitigations at hardware, hypervisor, and client software levels, and gain insights into the future of side channels in cloud computing. Learn from security researcher Sophia D'Antoine, who shares her expertise in malicious applications of hardware side channels in virtualized environments, drawing from her graduate research at Rensselaer Polytechnic Institute and her work with LLVM on automated analysis, obfuscation, and transformation of execution paths.
Overview
Syllabus
#HITB2016AMS CLOSING KEYNOTE - Hardware Side Channels in Virtualized Environments - Sophia D'Antoine
Taught by
Hack In The Box Security Conference
Related Courses
-
Side Channel Security – Caches and Physical Attacks
-
Cache Side-Channel Attacks and Mitigations
-
The Road to Side-Channel Regression Testing in CI Development
-
Exploiting Hardware Glitches and Side Channels in Perfect Software
-
Screaming Channels - When Electromagnetic Side Channels Meet Radio Transceivers
-
Cache Side Channel Attacks - CPU Design As A Security Problem
