Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
4 additions
and
14 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,25 +1,15 @@ | ||
## The Bad Neighbor | ||
|
||
Talk Description: | ||
"Hardware Side Channels in Virtualized Environments" | ||
|
||
This talk will describe first the landscape of side channel vulnerabilities, the types which are possible given different virtualization circumstances, and the basic primitives of an side-channel attack. This survey will contrast against the specific exploitation of the cloud based environment. | ||
|
||
We then look closely at the attack surface of common, cloud-based, hardware side channels. This includes the full hardware stack shared between supposedly isolated hosts and the similarities and differences in exploiting each hardware resource. | ||
|
||
Following this, demonstrations of two separate attacks, one in the cache and a novel side channel across the pipeline, will be made to show the theory behind what is being discussed. | ||
|
||
To conclude, we review possible mitigations at the hardware, hypervisor, and client software level, as well as give our thoughts on the future of side channels in the cloud. | ||
## Hardware Side Channels in Virtualized Environments aka The Bad Neighbor | ||
|
||
This talk will describe first the landscape of side channel vulnerabilities, the types which are possible given different virtualization circumstances, and the basic primitives of an side-channel attack. This survey will contrast against the specific exploitation of a cloud based environment. We then look closely at the attack surface of common, cloud-based, hardware side channels. This includes the full hardware stack shared between supposedly isolated hosts and the similarities and differences in exploiting each hardware resource. Following this, demonstrations of two separate attacks, one in the cache and a novel side channel across the pipeline, will be made to show the theory behind what is being discussed. To conclude, we review possible mitigations at the hardware, hypervisor, and client software level, as well as give our thoughts on the future of side channels in the cloud. | ||
|
||
Presented at | ||
|
||
* [Hack in the Box: Amsterdam (Keynote)](https://conference.hitb.org/hitbsecconf2016ams/sessions/closing-keynote-the-bad-neighbor-hardware-side-channels-in-virtualized-environments/) | ||
|
||
Resources | ||
|
||
* Whitepapers: [Trail of Bits blog](https://blog.trailofbits.com/2015/07/21/hardware-side-channels-in-the-cloud/) | ||
* Slides: [sophia.re](http://www.sophia.re/HSC-Keynote/index.html) | ||
* [Hardware Side Channels in the Cloud](https://blog.trailofbits.com/2015/07/21/hardware-side-channels-in-the-cloud/) | ||
* [The Bad Neighbor.pptx](/presentations/The%20Bad%20Neighbor/The%20Bad%20Neighbor.pptx) | ||
|
||
Author | ||
* Sophia D'Antoine |