Logo des Repositoriums
 

Software-based microarchitectural attacks

Kurzanzeige
dc.contributor.authorGruss, Daniel
dc.date.accessioned2021-06-21T10:14:11Z
dc.date.available2021-06-21T10:14:11Z
dc.date.issued2018
dc.description.abstractModern processors are highly optimized systems where every single cycle of computation time matters. Many optimizations depend on the data that is being processed. Microarchitectural attacks leak this data (side channels) or exploit physical imperfections to take control of the entire system (fault attacks). In my thesis (D. Gruss. Software-based Microarchitectural Attacks . PhD thesis, Graz University of Technology, 2017), I improved over state of the art in microarchitectural attacks and defenses in three dimensions. I cover these briefly in this summary. First, I show that attacks can be fully automated. Second, I present several novel previously unknown side channels. Third, I show that attacks can be mounted in highly restricted environments such as sandboxed JavaScript code in websites, and on any computer system including smartphones, tablets, personal computers, and commercial cloud systems. These results formed one of the corner stones for attacks like Meltdown (M. Lipp et al. Meltdown: Reading kernel memory from user space. In USENIX Security Symposium , 2018) and Spectre (P. Kocher et al. Spectre attacks: Exploiting speculative execution. In S&P , 2019) which were discovered months after the thesis was concluded.en
dc.identifier.doi10.1515/itit-2018-0034
dc.identifier.pissn2196-7032
dc.identifier.urihttps://dl.gi.de/handle/20.500.12116/36623
dc.language.isoen
dc.publisherDe Gruyter
dc.relation.ispartofit - Information Technology: Vol. 60, No. 5-6
dc.subjectSide-Channel Attacks
dc.subjectOperating Systems Security
dc.titleSoftware-based microarchitectural attacksen
dc.typeText/Journal Article
gi.citation.endPage341
gi.citation.publisherPlaceBerlin
gi.citation.startPage335

Dateien

Sammlungen

it - Information Technology 60(5-6) - Oktober 2018