Ir al contenido principal

Between Physical and Sofware: Fault Attacks, Side Channels, and Mitigations

Fault attacks (sometimes also called active side-channel attacks ) are a very powerful means that goes beyond just leaking secrets from an application or device, to actively manipulating it. We will look at fault attacks that can be triggered from software, namely Rowhammer and Plundervolt. We will also learn that some transient-execution attacks have some similarities to fault attacks. You will implement some of these attacks yourself and learn how they are mitigated.

...
Between Physical and Sofware: Fault Attacks, Side Channels, and Mitigations

Hay una sesión disponible:

Una vez finalizada la sesión del curso, será archivadoAbre en una pestaña nueva.
Comenzó el 11 abr
Termina el 21 jun
Inscríbete

Between Physical and Sofware: Fault Attacks, Side Channels, and Mitigations

Fault attacks (sometimes also called active side-channel attacks ) are a very powerful means that goes beyond just leaking secrets from an application or device, to actively manipulating it. We will look at fault attacks that can be triggered from software, namely Rowhammer and Plundervolt. We will also learn that some transient-execution attacks have some similarities to fault attacks. You will implement some of these attacks yourself and learn how they are mitigated.

Between Physical and Sofware: Fault Attacks, Side Channels, and Mitigations
10 semanas
3–4 horas por semana
Al ritmo del instructor
Con un cronograma específico
Gratis
Verificación opcional disponible

Hay una sesión disponible:

Una vez finalizada la sesión del curso, será archivadoAbre en una pestaña nueva.
Comenzó el 11 abr
Termina el 21 jun
Inscríbete
Between Physical and Sofware: Fault Attacks, Side Channels, and Mitigations

Sobre este curso

Omitir Sobre este curso

In this course, we build upon the knowledge we built up on cache side-channel attacks and transient-execution attacks, as well as the side-channel and security mindset. We again go beyond software-based side-channel attacks and now study software-based fault attacks. Fault attacks (sometimes also called active side-channel attacks ) are an incredibly powerful means to attack a system. Instead of just leaking secrets from an application or device, fault attacks actively manipulate the application or device to induce incorrect behavior which lets the attacker again leak secrets or fully take over control and subvert the application or device. We will look at fault attacks that can be triggered from software, namely Rowhammer and Plundervolt. We will then draw the connection between these attacks and transient-execution attacks that share some similarities. You will implement some of these attacks yourself and learn how they are mitigated.

De un vistazo

  • Institución: TUGrazX
  • Tema: Informática
  • Nivel: Advanced
  • Prerrequisitos:

    Knowledge and skills from the prerequisite courses Side Channel Security S3: Cache Side-Channel Attacks and Mitigations , Side Channel Security S4: Physical and Advanced Side-Channel Attacks , and Side Channel Security S5: Transient-Execution Attacks are strongly recommended.

    We expect C and C++ programming skills on a similar level as in the prerequisite course. You may have obtained these as part of a university program such as computer science or a high school degree with a focus on computer science.

Lo que aprenderás

Omitir Lo que aprenderás

- Understand different methods to induce hardware faults from software on modern computers
- Understand how these faulting mechanisms can undermine a system's security
- Understand the security risks posed and how fault attacks can be mitigated

Plan de estudios

Omitir Plan de estudios

- Episode 1: Sledge Hammer!

Attackers can fault hardware from software using Rowhammer.

- Episode 2: Under Voltage

Plundervolt similarly can induce faults.

- Episode 3: Load Value Inception

Injecting false values also works in the transient domain and without any physical fault.

- Episode 4: Power Leakers

Software exposes power consumption interfaces, enabling leakage.

- Episode 5: Hardware Leaks and Software Leaks

The page cache can be used for attacks similar to hardware caches.

Acerca de los instructores

¿Quién puede hacer este curso?

Lamentablemente, las personas residentes en uno o más de los siguientes países o regiones no podrán registrarse para este curso: Irán, Cuba y la región de Crimea en Ucrania. Si bien edX consiguió licencias de la Oficina de Control de Activos Extranjeros de los EE. UU. (U.S. Office of Foreign Assets Control, OFAC) para ofrecer nuestros cursos a personas en estos países y regiones, las licencias que hemos recibido no son lo suficientemente amplias como para permitirnos dictar este curso en todas las ubicaciones. edX lamenta profundamente que las sanciones estadounidenses impidan que ofrezcamos todos nuestros cursos a cualquier persona, sin importar dónde viva.

This course is part ofSide Channel Security – Transient Execution and Fault Attacks Professional Certificate Program

Más información 
Instrucción por expertos
2 cursos de capacitación
5 meses
3 - 4 horas semanales

Formas de realizar este curso

Elige tu camino al inscribirte.
Modalidad verificada
Modalidad de auditoría

Costo

149 US$

Gratis

Acceso a los materiales del curso

Ilimitado

Limitado

Caduca el 20 jun

Instituciones y universidades de primera categoría

Asistencia de edX

Certificado para compartir al finalizar

Tareas con calificación y exámenes

Visita la sección de preguntas frecuentesen una pestaña nueva con preguntas frecuentes sobre estas modalidades.

¿Te interesa este curso para tu negocio o equipo?

Train your employees in the most in-demand topics, with edX For Business.
Purchase nowSolicitar información