Logo des Repositoriums
 
Zeitschriftenartikel

Software-based microarchitectural attacks

Vorschaubild nicht verfügbar

Volltext URI

Dokumententyp

Text/Journal Article

Zusatzinformation

Datum

2018

Autor:innen

Zeitschriftentitel

ISSN der Zeitschrift

Bandtitel

Verlag

De Gruyter

Zusammenfassung

Modern processors are highly optimized systems where every single cycle of computation time matters. Many optimizations depend on the data that is being processed. Microarchitectural attacks leak this data (side channels) or exploit physical imperfections to take control of the entire system (fault attacks). In my thesis (D. Gruss. Software-based Microarchitectural Attacks . PhD thesis, Graz University of Technology, 2017), I improved over state of the art in microarchitectural attacks and defenses in three dimensions. I cover these briefly in this summary. First, I show that attacks can be fully automated. Second, I present several novel previously unknown side channels. Third, I show that attacks can be mounted in highly restricted environments such as sandboxed JavaScript code in websites, and on any computer system including smartphones, tablets, personal computers, and commercial cloud systems. These results formed one of the corner stones for attacks like Meltdown (M. Lipp et al. Meltdown: Reading kernel memory from user space. In USENIX Security Symposium , 2018) and Spectre (P. Kocher et al. Spectre attacks: Exploiting speculative execution. In S&P , 2019) which were discovered months after the thesis was concluded.

Beschreibung

Gruss, Daniel (2018): Software-based microarchitectural attacks. it - Information Technology: Vol. 60, No. 5-6. DOI: 10.1515/itit-2018-0034. Berlin: De Gruyter. PISSN: 2196-7032. pp. 335-341

Zitierform

Tags