Explore a groundbreaking IEEE conference talk on NetCAT, a practical cache attack from the network. Delve into the security implications of Direct Cache Access (DCA) on modern Intel processors, focusing on the Last Level Cache (LLC) shared between CPU and peripheral devices. Discover how NetCAT enables network-based PRIME+PROBE cache attacks, potentially compromising sensitive information in both cooperative and adversarial settings. Learn about the reverse engineering of Data-Direct I/O (DDIO), its impact on processor security, and a demonstrative keystroke timing attack on SSH connections. Gain insights into the challenges, implementation, and evaluation of NetCAT, including CVE-2019-11184. Understand the importance of cautious microarchitectural component sharing with peripherals and potential mitigation strategies for this novel security threat.
Overview
Syllabus
Intro
Cache Attack from the Network
Cache Attacks (prev.)
The Memory Wall - Caches
PRIME+PROBE
Cache Hits & Misses
Background - DDIO
Background - Why is DDIO needed?
Network Cache Attack - Main Challenges
Reverse Engineering DDIO • How does DDIO interact with the LLC
Reads served from memory vs LLC
DDIO Allocation Limitation
Detecting the NIC's ring buffer in LLC
Tracking the Ring Buffer
Map inter-packet arrival times to Words
Evaluation
CVE-2019-11184 - Demo
Attacker measures ring buffer activity
Mitigation
The name of our paper
Conclusion
Taught by
IEEE Symposium on Security and Privacy
