1 research outputs found
Software-based Microarchitectural Attacks
Modern processors are highly optimized systems where every single cycle of
computation time matters. Many optimizations depend on the data that is being
processed. Software-based microarchitectural attacks exploit effects of these
optimizations. Microarchitectural side-channel attacks leak secrets from
cryptographic computations, from general purpose computations, or from the
kernel. This leakage even persists across all common isolation boundaries, such
as processes, containers, and virtual machines. Microarchitectural fault
attacks exploit the physical imperfections of modern computer systems.
Shrinking process technology introduces effects between isolated hardware
elements that can be exploited by attackers to take control of the entire
system. These attacks are especially interesting in scenarios where the
attacker is unprivileged or even sandboxed.
In this thesis, we focus on microarchitectural attacks and defenses on
commodity systems. We investigate known and new side channels and show that
microarchitectural attacks can be fully automated. Furthermore, we show that
these attacks can be mounted in highly restricted environments such as
sandboxed JavaScript code in websites. We show that microarchitectural attacks
exist on any modern computer system, including mobile devices (e.g.,
smartphones), personal computers, and commercial cloud systems. This thesis
consists of two parts. In the first part, we provide background on modern
processor architectures and discuss state-of-the-art attacks and defenses in
the area of microarchitectural side-channel attacks and microarchitectural
fault attacks. In the second part, a selection of our papers are provided
without modification from their original publications. I have co-authored these
papers, which have subsequently been anonymously peer-reviewed, accepted, and
presented at renowned international conferences.Comment: PhD Thesis. Graz University of Technology. June, 201