Explore a cutting-edge security research presentation that delves into the vulnerabilities of Chrome's Strict Site Isolation through speculative execution attacks. Learn about the innovative Spook.js technique developed by an international team of researchers from the University of Michigan, University of Adelaide, Georgia Institute of Technology, and Tel Aviv University. Gain insights into how this attack method bypasses Chrome's security measures, potentially compromising user data and privacy. Understand the implications of this research for web browser security and the ongoing challenges in protecting against side-channel attacks in modern processors.
Spook.js - Attacking Chrome Strict Site Isolation via Speculative Execution
Overview
Syllabus
Spook.js: Attacking Chrome Strict Site Isolation via Speculative Execution
Taught by
IEEE Symposium on Security and Privacy
Tags
Related Courses
-
Cats vs. Spectre - An Axiomatic Approach to Modeling Speculative Execution Attacks
-
Timing-Based Browsing Privacy Vulnerabilities Via Site Isolation
-
The Code That Never Ran - Modeling Attacks on Speculative Evaluation
-
RIDL - Rogue In-Flight Data Load
-
Wrangling with the Ghost - An Inside Story of Mitigating Speculative Execution Side Channel Vulnerabilities
-
Hide and Seek with Spectres - Efficient Discovery of Speculative Vulnerabilities with Random Testing
