Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

NetCAT - Practical Cache Attacks from the Network

IEEE via YouTube

Overview

Explore a groundbreaking IEEE conference talk on NetCAT, a practical cache attack from the network. Delve into the security implications of Direct Cache Access (DCA) on modern Intel processors, focusing on the Last Level Cache (LLC) shared between CPU and peripheral devices. Discover how NetCAT enables network-based PRIME+PROBE cache attacks, potentially compromising sensitive information in both cooperative and adversarial settings. Learn about the reverse engineering of Data-Direct I/O (DDIO), its impact on processor security, and a demonstrative keystroke timing attack on SSH connections. Gain insights into the challenges, implementation, and evaluation of NetCAT, including CVE-2019-11184. Understand the importance of cautious microarchitectural component sharing with peripherals and potential mitigation strategies for this novel security threat.

Syllabus

Intro
Cache Attack from the Network
Cache Attacks (prev.)
The Memory Wall - Caches
PRIME+PROBE
Cache Hits & Misses
Background - DDIO
Background - Why is DDIO needed?
Network Cache Attack - Main Challenges
Reverse Engineering DDIO • How does DDIO interact with the LLC
Reads served from memory vs LLC
DDIO Allocation Limitation
Detecting the NIC's ring buffer in LLC
Tracking the Ring Buffer
Map inter-packet arrival times to Words
Evaluation
CVE-2019-11184 - Demo
Attacker measures ring buffer activity
Mitigation
The name of our paper
Conclusion

Taught by

IEEE Symposium on Security and Privacy

Reviews

Start your review of NetCAT - Practical Cache Attacks from the Network

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.