Most popular programs
Trending now
Fault attacks (sometimes also called active side-channel attacks ) are a very powerful means that goes beyond just leaking secrets from an application or device, to actively manipulating it. We will look at fault attacks that can be triggered from software, namely Rowhammer and Plundervolt. We will also learn that some transient-execution attacks have some similarities to fault attacks. You will implement some of these attacks yourself and learn how they are mitigated.
In this course, we build upon the knowledge we built up on cache side-channel attacks and transient-execution attacks, as well as the side-channel and security mindset. We again go beyond software-based side-channel attacks and now study software-based fault attacks. Fault attacks (sometimes also called active side-channel attacks ) are an incredibly powerful means to attack a system. Instead of just leaking secrets from an application or device, fault attacks actively manipulate the application or device to induce incorrect behavior which lets the attacker again leak secrets or fully take over control and subvert the application or device. We will look at fault attacks that can be triggered from software, namely Rowhammer and Plundervolt. We will then draw the connection between these attacks and transient-execution attacks that share some similarities. You will implement some of these attacks yourself and learn how they are mitigated.
Knowledge and skills from the prerequisite courses Side Channel Security S3: Cache Side-Channel Attacks and Mitigations , Side Channel Security S4: Physical and Advanced Side-Channel Attacks , and Side Channel Security S5: Transient-Execution Attacks are strongly recommended.
We expect C and C++ programming skills on a similar level as in the prerequisite course. You may have obtained these as part of a university program such as computer science or a high school degree with a focus on computer science.
- Understand different methods to induce hardware faults from software on modern computers
- Understand how these faulting mechanisms can undermine a system's security
- Understand the security risks posed and how fault attacks can be mitigated
- Episode 1: Sledge Hammer!
Attackers can fault hardware from software using Rowhammer.
- Episode 2: Under Voltage
Plundervolt similarly can induce faults.
- Episode 3: Load Value Inception
Injecting false values also works in the transient domain and without any physical fault.
- Episode 4: Power Leakers
Software exposes power consumption interfaces, enabling leakage.
- Episode 5: Hardware Leaks and Software Leaks
The page cache can be used for attacks similar to hardware caches.
Who can take this course?
Unfortunately, learners residing in one or more of the following countries or regions will not be able to register for this course: Iran, Cuba and the Crimea region of Ukraine. While edX has sought licenses from the U.S. Office of Foreign Assets Control (OFAC) to offer our courses to learners in these countries and regions, the licenses we have received are not broad enough to allow us to offer this course in all locations. edX truly regrets that U.S. sanctions prevent us from offering all of our courses to everyone, no matter where they live.
Who can take this course?
Unfortunately, learners residing in one or more of the following countries or regions will not be able to register for this course: Iran, Cuba and the Crimea region of Ukraine. While edX has sought licenses from the U.S. Office of Foreign Assets Control (OFAC) to offer our courses to learners in these countries and regions, the licenses we have received are not broad enough to allow us to offer this course in all locations. edX truly regrets that U.S. sanctions prevent us from offering all of our courses to everyone, no matter where they live.