CS Colloquium - Daniel Gruss: Software-based Microarchitectural Attacks: What do we learn from Meltdown and Spectre?

In this talk, we will discuss software-based microarchitectural attacks, with a focus on Meltdown and Spectre.

2018.10.09 | Dorthe Haagen Nielsen

Date Fri 26 Oct
Time 15:15 16:00
Location Nygaard-016 (5335-016). Åbogade 34, 8200 Aarhus N

Abstract

In this talk, we will discuss software-based microarchitectural attacks, with a focus on Meltdown and Spectre. We will discuss memory timing and cache attacks. After building our first cache attack we will directly continue with Meltdown and Spectre. The talk will provide a detailed explanation of how these attacks fundamentally work. We will discuss countermeasures to protect against these attacks. Finally, we will discuss how we got into this situation with microarchitectural attacks and what we can learn from this development.

Bio

Daniel Gruss (@lavados) is an Assistant Professor at Graz University of Technology. He finished his PhD with distinction in less than 3 years. He has been involved in teaching operating system undergraduate courses since 2010. Daniel's research focuses on software-based side-channel attacks that exploit timing differences in hardware and operating systems. He implemented the first remote fault attack running in a website, known as Rowhammer.js. He frequently speaks at top international venues, such as Black Hat, Usenix Security, IEEE S&P, ACM CCS, Chaos Communication Congress, and others. His research team was one of the teams that found the Meltdown and Spectre bugs published in early 2018.

After the talk there will be coffee and cake.

Site Specific, Lecture / talk, CS frontpage, IT, computer science and mathematics , Target groups, Alumni, Future students, Private and public companies, Public/media, Staff