Über
Inhalt
Kursinhalt
Side channels exist in the real world, but they also exist in computers and can be exploited directly from software. This is a substantial computer security problem today, that we need to learn about to be able to stop attacks. In this course, you will learn and practice basic software-based side channels and understand the thought process to utilize a side channel. You will then learn how to mitigate or avoid side channels in software.Lernziele
After completing this course, you will:
- be able to spot side-channel leakage in simple programs
- be able to use software-based side channels to extract secret information
- be able to connect these security risks with methods to mitigate and close side channels in software
Vorkenntnisse
No formal prerequisites but it is expected that you already have started to build up your side-channel security mindset, for instance via the corresponding iMooX course.
Kursablauf
There are 5 parts (episodes+exercises) in this course:
The flatmates realize there is some effect that can fault hardware from software.
This so-called Rowhammer effect can fully subvert a system, providing full kernel privileges to the attacker.
- Episode 2: Under Voltage
Daniel undervolts his laptop because that saves energy and produces less heat. As this sometimes causes crashes or data corruption the flatmates try to figure out how to exploit this behavior to leak secrets from trusted execution environments.
- Episode 3: Load Value Inception
The flatmates realize that they can inject values into Daniel's mind by saying names at the right moment in time, while Daniel is thinking about a name. They figure out that computer's are susceptible to a very similar attack and use it to turn Meltdown around, from a leakage primitive to a load value injection primitive.
- Episode 4: Power Leakers
Andreas investigates the power consumption on his computer and realizes that there is a substantial amount of leakage when monitoring the power consumption from software. It turns out that this leakage is as powerful as the physical side channel attacks they have mounted several months earlier.
- Episode 5: Hardware Leaks and Software Leaks
The graduation ceremony is ahead. The flatmates realize that there is a lot of leakage everywhere and the power consumption system interface is just one system interface while there are many more. They pick the page cache as a target and figure out that they can spy on user input through it. They believe this is new and disclose this to a vendor. After their graduation ceremony with the rector, the dean, and the Austrian president, a big surprise is waiting for them at home.
Zertifikat
Für die aktive Teilnahme am Kurs erfolgt bei Abschluss die Ausstellung einer automatisierten Teilnahmebestätigung, welche Ihren Namen, den Kursnamen und die abgeschlossenen Lektionen beinhaltet. Es wird darauf hingewiesen, dass es sich nur um eine Bestätigung handelt, die aussagt, dass Sie zumindest 75% der gestellten Selbstüberprüfungsfragen richtig beantwortet haben.Lizenz
Dieses Werk ist lizenziert unter CC BY 4.0Discussion
If you prefer a more instant means of communication compared to the iMooX forum, you can join our official community on Discord. Just visit https://discord.gg/rrbazVdAN9 and join SCS's Discord server!
Discussion Guidelines
Both Discord and the discussion forums are where you can express thoughts, develop ideas, and engage with classmates and instructors. Please review discussion postings before posting your own to avoid redundancy. When adding a forum post, mark it as a Question or a Discussion. Questions raise issues that need answers, whereas Discussions share ideas and start conversations. Do not post solutions or links to solutions to quiz questions or homework assignments anywhere. Give your message a meaningful title. Use common writing practices for online communication. Participation on Discord and in the discussion forums is voluntary, but we encourage participation to get to know everyone else taking the course. We, the instructors and TAs, will answer your questions on both platforms of course.
Academic Policy
The course follows the academic policy of TU Graz.
Kursleitung
Daniel Gruß
Daniel Gruss (@lavados) is a University Professor at Graz University of Technology. He loves teaching and research of system-level topics, including side channels and transient execution attacks. He implemented the first remote fault attack running in a website, known as Rowhammer.js. His research team was one of the teams that found the Meltdown and Spectre bugs, published in early 2018. In 2023, he received an ERC Starting Grant to research the sustainability of security. He frequently speaks at top international venues.
Anmelden & Einschreiben Der Kurs startet am 3. November 2025. Aktuell: 0 Teilnehmer:innen
Kostenlos für alle € 0.00
Partner:innen
Technische Universität Graz
Graz