TUGrazX: Cache Side-Channel Attacks and Mitigations

TUGrazX: Cache Side-Channel Attacks and Mitigations

by Graz University of Technology

Side Channel Security S3: Advanced Software Side Channels

Course Description

Embark on an exciting journey into the world of advanced software-based timing and cache attacks with our course "Side Channel Security S3: Advanced Software Side Channels." This intermediate-level computer science course, offered by TUGrazX, is designed to deepen your understanding of microarchitecture, virtual memory, and caches while honing your skills in discovering and exploiting side channels.

What students will learn

  • In-depth knowledge of microarchitecture, virtual memory, and caches
  • Identification and exploitation of various cache side channels (Flush+Flush, Evict+Reload, Prime+Probe)
  • Risk assessment skills for native and virtualized environments
  • Practical experience in finding and exploiting cache side channels in small software programs
  • Understanding of security risks posed by cache side channels and potential mitigation strategies

Pre-requisites

  • Completion of the prerequisite course "Side Channel Security S2: Introduction to Software Side Channels and Mitigations"
  • Basic programming skills, particularly in C
  • Foundational knowledge of software-based timing and cache attacks
  • Familiarity with the side-channel mindset

Course Coverage

  • Virtual memory and cache hierarchies
  • Cache side channel attacks (Flush+Flush, Evict+Reload, Prime+Probe)
  • Cache replacement mechanisms
  • Cache Template Attacks
  • DRAM Addressing (DRAMA) side channels
  • Risk assessment in native and virtualized environments
  • Practical exercises in exploiting cache side channels
  • Mitigation strategies for cache side channel attacks

Who this course is for

This course is ideal for computer science students, cybersecurity professionals, software developers, and anyone interested in advancing their knowledge of side channel security. It's particularly suited for those who have completed the prerequisite course and want to delve deeper into the intricacies of cache-based side channel attacks.

Real-world applications

The skills acquired in this course are highly valuable in today's cybersecurity landscape. Learners will be able to:

  • Conduct thorough security assessments of software systems
  • Identify potential vulnerabilities in microarchitectures
  • Develop more secure software by understanding and mitigating cache-based side channel risks
  • Contribute to the field of cybersecurity research and development
  • Enhance the overall security posture of organizations by applying advanced knowledge of side channel attacks

Syllabus

Episode 1: Down the Rabbit Hole

  • Understanding virtual addresses and caches
  • Identifying hidden timing differences

Episode 2: Gone with the Flush

  • Discovering Flush+Flush and Evict+Reload attacks
  • Learning about cache replacement mechanisms

Episode 3: Optimus Prime+Probe

  • Exploring the Prime+Probe attack
  • Comparing Prime+Probe with other attack methods

Episode 4: Jonas and the Template of Doom

  • Introduction to Cache Template Attacks
  • Scanning binaries for cache activity
  • Automatically building cache side-channel attacks
  • Practical application: Attacking AES

Episode 5: Drama with Manuel

  • Discovery of DRAM Addressing (DRAMA) side channels
  • Understanding timing differences in system activities

This course offers a unique and engaging approach to learning advanced side channel security concepts, presented through the lens of a group of students living in a shared apartment. By combining theoretical knowledge with practical exercises and real-world scenarios, you'll gain invaluable skills that will set you apart in the field of cybersecurity.

Similar Courses
Course Page   TUGrazX: Cache Side-Channel Attacks and Mitigations