TUGrazX: Between Physical and Sofware: Fault Attacks, Side Channels, and Mitigations

Fault attacks (sometimes also called active side-channel attacks ) are a very powerful means that goes beyond just leaking secrets from an application or device, to actively manipulating it. We will look at fault attacks that can be triggered from software, namely Rowhammer and Plundervolt. We will also learn that some transient-execution attacks have some similarities to fault attacks. You will implement some of these attacks yourself and learn how they are mitigated.

10 semanas

3–4 horas por semana

A tu ritmo

Avanza a tu ritmo

Gratis

Verificación opcional disponible

Hay una sesión disponible:

Una vez finalizada la sesión del curso, será archivado.

Comienza el 29 abr

Termina el 6 jun

Inscríbete

Me gustaría recibir correos electrónicos de TUGrazX e informarme sobre otras ofertas relacionadas con Between Physical and Sofware: Fault Attacks, Side Channels, and Mitigations.

Inscríbete ahora

Comienza el 29 abr

Sobre este curso

Omitir Sobre este curso

In this course, we build upon the knowledge we built up on cache side-channel attacks and transient-execution attacks, as well as the side-channel and security mindset. We again go beyond software-based side-channel attacks and now study software-based fault attacks. Fault attacks (sometimes also called active side-channel attacks ) are an incredibly powerful means to attack a system. Instead of just leaking secrets from an application or device, fault attacks actively manipulate the application or device to induce incorrect behavior which lets the attacker again leak secrets or fully take over control and subvert the application or device. We will look at fault attacks that can be triggered from software, namely Rowhammer and Plundervolt. We will then draw the connection between these attacks and transient-execution attacks that share some similarities. You will implement some of these attacks yourself and learn how they are mitigated.

De un vistazo

Institution TUGrazX
Subject Informática
Level Advanced
Prerequisites
Knowledge and skills from the prerequisite courses Side Channel Security S3: Cache Side-Channel Attacks and Mitigations , Side Channel Security S4: Physical and Advanced Side-Channel Attacks , and Side Channel Security S5: Transient-Execution Attacks are strongly recommended.

We expect C and C++ programming skills on a similar level as in the prerequisite course. You may have obtained these as part of a university program such as computer science or a high school degree with a focus on computer science.

Language English
Video Transcript English
Associated programs
- Professional Certificate en Side Channel Security – Transient Execution and Fault Attacks

Lo que aprenderás

Omitir Lo que aprenderás

- Understand different methods to induce hardware faults from software on modern computers
- Understand how these faulting mechanisms can undermine a system's security
- Understand the security risks posed and how fault attacks can be mitigated

Plan de estudios

Omitir Plan de estudios

- Episode 1: Sledge Hammer!

Attackers can fault hardware from software using Rowhammer.

- Episode 2: Under Voltage

Plundervolt similarly can induce faults.

- Episode 3: Load Value Inception

Injecting false values also works in the transient domain and without any physical fault.

- Episode 4: Power Leakers

Software exposes power consumption interfaces, enabling leakage.

- Episode 5: Hardware Leaks and Software Leaks

The page cache can be used for attacks similar to hardware caches.

¿Quién puede hacer este curso?

Lamentablemente, las personas residentes en uno o más de los siguientes países o regiones no podrán registrarse para este curso: Irán, Cuba y la región de Crimea en Ucrania. Si bien edX consiguió licencias de la Oficina de Control de Activos Extranjeros de los EE. UU. (U.S. Office of Foreign Assets Control, OFAC) para ofrecer nuestros cursos a personas en estos países y regiones, las licencias que hemos recibido no son lo suficientemente amplias como para permitirnos dictar este curso en todas las ubicaciones. edX lamenta profundamente que las sanciones estadounidenses impidan que ofrezcamos todos nuestros cursos a cualquier persona, sin importar dónde viva.

Este curso es parte del programa Side Channel Security – Transient Execution and Fault Attacks Professional Certificate

Más información

Instrucción por expertos

2 cursos de capacitación

A tu ritmo

Avanza a tu ritmo

5 meses

3 - 4 horas semanales

Formas de realizar este curso

Elige tu camino al inscribirte.

Inscríbete ahora

Comienza el 29 abr

	Verified Track	Audit Track
Costo	129 US$	Free
Acceso a los materiales del curso	Ilimitado	Limitado Caduca el 8 jul
World class institutions and universities
Asistencia de edX
Certificado para compartir al finalizar
Tareas con calificación y exámenes

Visita la sección de Preguntas frecuentes con preguntas frecuentes sobre estas modalidades.

¿Te interesa este curso para tu negocio o equipo?

Capacita a tus empleados en los temas más solicitados con edX para Negocios.

Comprar Solicitar información

TUGrazX: Between Physical and Sofware: Fault Attacks, Side Channels, and Mitigations

Hay una sesión disponible:

Between Physical and Sofware: Fault Attacks, Side Channels, and Mitigations

Inscríbete ahora

Sobre este curso

De un vistazo

Lo que aprenderás

Plan de estudios

¿Quién puede hacer este curso?

Este curso es parte del programa Side Channel Security – Transient Execution and Fault Attacks Professional Certificate

Formas de realizar este curso

Inscríbete ahora

Verified Track

Audit Track

Costo

Acceso a los materiales del curso

World class institutions and universities

Asistencia de edX

Certificado para compartir al finalizar

Tareas con calificación y exámenes

¿Te interesa este curso para tu negocio o equipo?