Explore the security implications of memory deduplication in cloud environments through this Black Hat conference talk. Delve into how cloud providers utilize memory deduplication to optimize system resources and the potential vulnerabilities this practice introduces. Examine previous research demonstrating local exploits of memory deduplication for ASLR breaks, Rowhammer attacks, and application fingerprinting. Learn about proposed countermeasures to restrict memory deduplication across security domains and its subsequent re-enablement within specific contexts on Windows and Linux server systems. Gain insights from security researchers Erik Kraft, Daniel Gruss, and Martin Schwarzl as they present their findings on remote memory-deduplication attacks, offering a comprehensive look at this critical cloud security topic in a 31-minute presentation.
Overview
Syllabus
Remote Memory-Deduplication Attacks
Taught by
Black Hat
Related Courses
-
Exploiting Correcting Codes on the Effectiveness of ECC Memory Against Rowhammer Attacks
-
Page Cache Attacks - Microarchitectural Attacks on Flawless Hardware
-
Over the Edge - Silently Owning Windows 10's Secure Browser
-
Silently Breaking ASLR in the Cloud
-
Another Flip in the Row
-
Another Flip in the Wall of Rowhammer Defenses
