CS/CIS presentation @ IEEE Rochester JCM on 4/9/2019: Cache Side-Channel Attack and Defense on Mobile and IoT Devices

Share

The IEEE Computer Society &  Computational Intelligence Society (CS/CIS) Rochester Chapter has a speaker presentation at the Section's joint chapters meeting (JCM) on April 9th, 2019. The technical sessions are free to attend.  Reservations are required to attend the dinner and keynote presentation with an associated cost.  Please find details and register for the JCM at:  https://meetings.vtools.ieee.org/m/190998

 


CS/CIS presentation:  Cache Side-Channel Attack and Defense on Mobile and IoT Devices

ABSTRACT:

It is found that existing and powerful cache side-channel attacks
on Intel architectures, including Prime+Probe, are ineffective on
mobile and Internet-of-things (IoT) devices powered by ARM architectures.
The trust in ARM's hardware-isolated execution environments, namely
TrustZone, was also reinforced by these findings. However, those
discoveries do not rule out novel and more sophisticated cache
side-channel attacks that leverage overlooked hardware features.
In this talk, I will present a novel Prime+Count attack that can be
used to build reliable covert channels between the normal and secure
world of TrustZone, which breaks one of its fundamental security
guarantees.

On the other hand, protections that can defeat previous cache
side-channel attacks on Intel architectures are not necessarily
effective in mitigating novel cache attacks on ARM platforms. Such
solutions attempt to mitigate attacks by explicitly or implicitly
creating a private space, in which constant-time access to sensitive
data is assured. However, some of the attempts utilize hardware
features available only on certain Intel processors. In this talk,
I will also discuss a defense against cache side-channel attacks
that can protect against both dedicated cache (L1) and shared cache
(L2) attacks on mobile and IoT devices.

 



  Date and Time

  Location

  Contact

  Registration



  • Louise Slaughter Hall
  • Rochester Institute of Technology
  • Rochester, New York
  • United States 14623
  • Building: RIT Center for Integrated Manufacturing Studies Conference Center - Bldg 78
  • Room Number: SLA-2120
  • Click here for Map


  Speakers

Ziming Zhao

Ziming Zhao of RIT

Topic:

Cache Side-Channel Attack and Defense on Mobile and IoT Devices

Biography:

Ziming Zhao is an assistant professor in the computing security
department of RIT. He received the PhD degree in computer science
from Arizona State University in 2014. His research foci include
system and software security, network security, usable and user-centric
security, cybercrime and threat intelligence analytics. His research
has led to 45+ publications in security conferences and journals,
including IEEE S&P, ACM CCS, USENIX Security, NDSS, ACSAC, TISSEC,
etc. He won a best paper award in ACM CODASPY 2014 and IEEE ITU
Kaleidoscope 2016. He directs the CyberspACe securiTy and forensIcs
lab (CactiLab, http://cactilab.info/ ).





Agenda

CHAPTER TECHNICAL PRESENTATIONS SESSION I (4:30 – 5:25 PM): 

IEEE Computer Society & Computational Intelligence Society (Room: SLA 2120)

Cache Side-Channel Attack and Defense on Mobile and IoT Devices

 

Links

CS/CIS website / venue info (parking): http://ewh.ieee.org/r1/rochester/computer/

Event flyer for CS/CIS talk: http://ewh.ieee.org/r1/rochester/computer/2019/20190409/Zhao.20190409.pdf

Details / Registration for JCM dinner & keynote: https://meetings.vtools.ieee.org/m/190998

                                                                               (also lists all the free technical presentations)

                                                                                (there is a cost associated with the dinner/keynote)