Secret Spilling Drive: Leaking User Behavior through SSD Contention
J Juffinger, F Rauscher… - Network and …, 2025 - graz.elsevierpure.com
Covert channels and side channels bypass architectural security boundaries. Numerous
works have studied covert channels and side channels in software and hardware. Thus …
works have studied covert channels and side channels in software and hardware. Thus …
ReCon: Efficient Detection, Management, and Use of Non-Speculative Information Leakage
P Aimoniotis, AB Kvalsvik, X Chen… - Proceedings of the 56th …, 2023 - dl.acm.org
In a speculative side-channel attack, a secret is improperly accessed and then leaked by
passing it to a transmitter instruction. Several proposed defenses effectively close this …
passing it to a transmitter instruction. Several proposed defenses effectively close this …
Bending microarchitectural weird machines towards practicality
A large body of work has demonstrated attacks that rely on the difference between CPUs'
nominal instruction set architectures and their actual (microarchitectural) implementations …
nominal instruction set architectures and their actual (microarchitectural) implementations …
Remote scheduler contention attacks
In this paper, we investigate unexplored aspects of scheduler contention: We systematically
study the leakage of all scheduler queues on AMD Zen 3 and show that all queues leak. We …
study the leakage of all scheduler queues on AMD Zen 3 and show that all queues leak. We …
Libra: Architectural Support For Principled, Secure And Efficient Balanced Execution On High-End Processors (Extended Version)
Control-flow leakage (CFL) attacks enable an attacker to expose control-flow decisions of a
victim program via side-channel observations. Linearization (ie, elimination) of secret …
victim program via side-channel observations. Linearization (ie, elimination) of secret …
Unveiling the {Hunter-Gatherers}: Exploring Threat Hunting Practices and Challenges in Cyber Defense
The dynamic landscape of cyber threats constantly adapts its attack patterns, successfully
evading traditional defense mechanisms and operating undetected until its objectives are …
evading traditional defense mechanisms and operating undetected until its objectives are …
PrefetchX: Cross-core cache-agnostic prefetcher-based side-channel attacks
In this paper, we reveal the existence of a new class of prefetcher, the XPT prefetcher, in
modern Intel processors which has never been officially detailed. It speculatively issues a …
modern Intel processors which has never been officially detailed. It speculatively issues a …
New cross-core cache-agnostic and prefetcher-based side-channels and covert-channels
In this paper, we reveal the existence of a new class of prefetcher, the XPT prefetcher, in the
modern Intel processors which has never been officially documented. It speculatively issues …
modern Intel processors which has never been officially documented. It speculatively issues …
BandwidthBreach: Unleashing Covert and Side Channels through Cache Bandwidth Exploitation
In the modern CPU architecture, enhancements such as the Line Fill Buffer (LFB) and Super
Queue (SQ), which are designed to track pending cache requests, have significantly …
Queue (SQ), which are designed to track pending cache requests, have significantly …
[PDF][PDF] Libra: Architectural Support For Principled, Secure And Efficient Balanced Execution On High-End Processors
Control-flow leakage (CFL) attacks enable an attacker to expose control-flow decisions of a
victim program via side-channel observations. Linearization (ie, elimination) of secret …
victim program via side-channel observations. Linearization (ie, elimination) of secret …