Side Channel Security S3: Advanced Software Side Channels

Course Description

Embark on an exciting journey into the world of advanced software-based timing and cache attacks with our course "Side Channel Security S3: Advanced Software Side Channels." This intermediate-level computer science course, offered by TUGrazX, is designed to deepen your understanding of microarchitecture, virtual memory, and caches while honing your skills in discovering and exploiting side channels.

What students will learn

• In-depth knowledge of microarchitecture, virtual memory, and caches
• Identification and exploitation of various cache side channels (Flush+Flush, Evict+Reload, Prime+Probe)
• Risk assessment skills for native and virtualized environments
• Practical experience in finding and exploiting cache side channels in small software programs
• Understanding of security risks posed by cache side channels and potential mitigation strategies

Pre-requisites

• Completion of the prerequisite course "Side Channel Security S2: Introduction to Software Side Channels and Mitigations"
• Basic programming skills, particularly in C
• Foundational knowledge of software-based timing and cache attacks
• Familiarity with the side-channel mindset

Course Coverage

• Virtual memory and cache hierarchies
• Cache side channel attacks (Flush+Flush, Evict+Reload, Prime+Probe)
• Cache replacement mechanisms
• Cache Template Attacks
• DRAM Addressing (DRAMA) side channels
• Risk assessment in native and virtualized environments
• Practical exercises in exploiting cache side channels
• Mitigation strategies for cache side channel attacks

Who this course is for

This course is ideal for computer science students, cybersecurity professionals, software developers, and anyone interested in advancing their knowledge of side channel security. It's particularly suited for those who have completed the prerequisite course and want to delve deeper into the intricacies of cache-based side channel attacks.

Real-world applications

The skills acquired in this course are highly valuable in today's cybersecurity landscape. Learners will be able to:

• Conduct thorough security assessments of software systems
• Identify potential vulnerabilities in microarchitectures
• Develop more secure software by understanding and mitigating cache-based side channel risks
• Contribute to the field of cybersecurity research and development
• Enhance the overall security posture of organizations by applying advanced knowledge of side channel attacks

Syllabus

This course offers a unique and engaging approach to learning advanced side channel security concepts, presented through the lens of a group of students living in a shared apartment. By combining theoretical knowledge with practical exercises and real-world scenarios, you'll gain invaluable skills that will set you apart in the field of cybersecurity.