Transient-Execution Attacks: Understanding Meltdown and Spectre
About this Course
In this course, we build upon the knowledge we built up so far on cache side-channel attacks as well as the side-channel and security mindset. We will then go beyond software-based side-channel attacks and study transient-execution attacks. Transient execution is a mechanism present in modern processors, where the processor performs operations, often speculatively, that it later on has to undo. However, the side effects of these operations remain and leak data (not meta-data!) to the attacker. Similar to the prior courses, we provide you with the experience of discovering these attacks yourself in a group of students, living in a shared appartment. We again dive deeper into the microarchitecture and will now understand out-of-order pipelines and how their behavior introduces leakage. We will then use side channels to exfiltrate data and transmit it to an attacker-controlled application. We will learn about the most prominent of these attacks: Meltdown, Spectre, Foreshadow, and ZombieLoad. You will implement some of these attacks yourself, which requires skills in reading and writing C code. You will learn which attacks are relevant in the concrete native and virtualized environments you are working with, contributing to your risk assessment skills. In a set of small exercises, you will implement some of these attacks and show that you understood out-of-order execution pipelines, transient-execution attacks and potential mitigations against them.Created by: Graz University of Technology
Level: Advanced
Related Online Courses
A follow-on to Intro to QC for Everyone 1, this course delves deeper into the mathematical basis for quantum computing and the programming that makes it a reality. Students will be taught all of... more
Los omnipresentes Sistemas de Información Gerencial (SIG) o Management Information Systems (MIS) juegan un papel crítico en el actual panorama profesional. Desde los sistemas de gestión de las re... more
Technologies are always being defeated. If you own an information asset that’s valuable enough to the right adversary, it’s only a matter of time before there’s a breach. Today’s technol... more
Welcome to this Spark AR Studio introductory course. In this course, you will learn all the fundamentals to get you going on your very own Spark AR journey! Whether you are looking to create... more
The service mesh is an increasingly critical component of the cloud native ecosystem, with the Kubernetes ecosystem especially using service mesh projects to add reliability, security, and... more