Ir al contenido principal

TUGrazX: Transient-Execution Attacks: Understanding Meltdown and Spectre

Beyond software-based side-channel attacks there is a new class of attacks called transient-execution attacks. These attacks go beyond leaking meta-data and directly retrieve secret data but they use side channels as an data exfiltration mechanism to transmit the secret data to an attacker-controlled application. We will look at the most prominent of these attacks: Meltdown, Spectre, Foreshadow, and ZombieLoad. You will implement some of these attacks yourself and learn how to mitigate them.

Transient-Execution Attacks: Understanding Meltdown and Spectre
10 semanas
3–4 horas por semana
A tu ritmo
Avanza a tu ritmo
Gratis
Verificación opcional disponible

Hay una sesión disponible:

Una vez finalizada la sesión del curso, será archivadoAbre en una pestaña nueva.
Comienza el 19 abr
Termina el 6 jun

Sobre este curso

Omitir Sobre este curso

In this course, we build upon the knowledge we built up so far on cache side-channel attacks as well as the side-channel and security mindset. We will then go beyond software-based side-channel attacks and study transient-execution attacks. Transient execution is a mechanism present in modern processors, where the processor performs operations, often speculatively, that it later on has to undo. However, the side effects of these operations remain and leak data (not meta-data!) to the attacker. Similar to the prior courses, we provide you with the experience of discovering these attacks yourself in a group of students, living in a shared appartment. We again dive deeper into the microarchitecture and will now understand out-of-order pipelines and how their behavior introduces leakage. We will then use side channels to exfiltrate data and transmit it to an attacker-controlled application. We will learn about the most prominent of these attacks: Meltdown, Spectre, Foreshadow, and ZombieLoad. You will implement some of these attacks yourself, which requires skills in reading and writing C code. You will learn which attacks are relevant in the concrete native and virtualized environments you are working with, contributing to your risk assessment skills. In a set of small exercises, you will implement some of these attacks and show that you understood out-of-order execution pipelines, transient-execution attacks and potential mitigations against them.

De un vistazo

  • Institution TUGrazX
  • Subject Informática
  • Level Advanced
  • Prerequisites

    Knowledge and skills from the prerequisite course Side Channel Security S3: Cache Side-Channel Attacks and Mitigations. Knowledge and skills from Side Channel Security S4: Physical and Advanced Side-Channel Attacks are strongly recommended.

    We expect C and C++ programming skills on a similar level as in the prerequisite course. You may have obtained these as part of a university program such as computer science or a high school degree with a focus on computer science.

Lo que aprenderás

Omitir Lo que aprenderás

- Understand the difference between side-channel attacks and transient-execution attacks
- Build up the ability to recognize which software may be exposed to transient-execution vulnerabilities
- Understand the immense security risks posed by transient-execution attacks and how these attacks can be mitigated

Plan de estudios

Omitir Plan de estudios

- Episode 1: Haunted by Spectre

Speculative behaviors can leak secrets from other programs.

- Episode 2: Daniel has a Meltdown

Computers sometimes leak secrets before realizing they shouldn't.

- Episode 3: Trust Issues

We investigate trusted execution environments for isolation.

- Episode 4: Foreshadow

We investigate transient-execution attacks on trusted execution environments.

- Episode 5: Noise is just someone else's data

Remaining noise turns out to still be data leakage.

¿Quién puede hacer este curso?

Lamentablemente, las personas residentes en uno o más de los siguientes países o regiones no podrán registrarse para este curso: Irán, Cuba y la región de Crimea en Ucrania. Si bien edX consiguió licencias de la Oficina de Control de Activos Extranjeros de los EE. UU. (U.S. Office of Foreign Assets Control, OFAC) para ofrecer nuestros cursos a personas en estos países y regiones, las licencias que hemos recibido no son lo suficientemente amplias como para permitirnos dictar este curso en todas las ubicaciones. edX lamenta profundamente que las sanciones estadounidenses impidan que ofrezcamos todos nuestros cursos a cualquier persona, sin importar dónde viva.

Este curso es parte del programa Side Channel Security – Transient Execution and Fault Attacks Professional Certificate

Más información 
Instrucción por expertos
2 cursos de capacitación
A tu ritmo
Avanza a tu ritmo
5 meses
3 - 4 horas semanales

¿Te interesa este curso para tu negocio o equipo?

Capacita a tus empleados en los temas más solicitados con edX para Negocios.