Given the rise in popularity of cloud computing and platform-as-a-service, vulnerabilities inherent to systems which share hardware resources will become increasingly attractive targets to malicious software authors. This talk first presents a classification of the possible cloud-based side channels which use hardware virtualization. Additionally, a novel side channel exploiting out-of-order-execution in the CPU pipeline is described and implemented. Finally, this talk will show constructions of several adversarial applications and demo two. These applications are deployed across the novel side channel to prove the viability of each exploit. We then analyze successful detection and mitigation techniques of the side channel attacks.
Presented at
Resources
- Whitepaper, blog, POC||GTFO, and thesis
- Video from SEC-T 0x08
- Google or PDF slides
- Demo Scripts for Adversary (the receiver) and Target (the sender)
Author
- Sophia D'Antoine