Overview
Explore side-channel attacks on shared search indexes in this IEEE Symposium on Security & Privacy conference talk. Delve into the vulnerabilities of multi-tenant full-text search systems like Elasticsearch and Apache Solr. Learn about the STRESS (Search Text RElevance Score Side channel) attack, which exploits TF-IDF scores to leak information about other users' documents. Discover how attackers can map index structures, obtain document placement, and extract sensitive information from co-tenants. Examine real-world demonstrations on popular services such as GitHub and Xen.do. Gain insights into the technical aspects of these attacks, including the DF sidechannel, TM sidechannel, and ScottyP sidechannel. Understand the implications for document retrieval security and explore potential countermeasures to protect against these vulnerabilities in shared search environments.
Syllabus
Introduction
What are Shared Search Indexes
How does a Shared Search Index work
SideChannel Attacks
How does it work
The DF sidechannel
The TM sidechannel
ScottyP sidechannel attack
koshertesting
shark mating
tag testing
results
GitHub
Scenario
Common Areas
Summary
Questions
Taught by
IEEE Symposium on Security and Privacy