Timing Side-Channel Attacks and Countermeasures in CPU Microarchitectures

J Zhang, C Chen, J Cui, K Li - ACM Computing Surveys, 2024 - dl.acm.org
Microarchitectural vulnerabilities, such as Meltdown and Spectre, exploit subtle
microarchitecture state to steal the user's secret data and even compromise the operating …

Invalidate+Compare: A Timer-Free GPU Cache Attack Primitive

Z Zhang, K Cai, Y Guo, F Yao, X Gao - 33rd USENIX Security …, 2024 - usenix.org
While extensive research has been conducted on CPU cache side-channel attacks, the
landscape of similar studies on modern GPUs remains largely uncharted. In this paper, we …

Bending microarchitectural weird machines towards practicality

PL Wang, R Paccagnella, RS Wahby… - 33rd USENIX Security …, 2024 - usenix.org
A large body of work has demonstrated attacks that rely on the difference between CPUs'
nominal instruction set architectures and their actual (microarchitectural) implementations …

Deepcache: Revisiting cache side-channel attacks in deep neural networks executables

Z Liu, Y Yuan, Y Chen, S Hu, T Li, S Wang - Proceedings of the 2024 on …, 2024 - dl.acm.org
Deep neural networks (DNN) are increasingly deployed in heterogeneous hardware,
including high-performance devices like GPUs and low-power devices like mobile/IoT …

GoFetch: Breaking constant-time cryptographic implementations using data memory-dependent prefetchers

B Chen, Y Wang, P Shome, CW Fletcher… - Proc. USENIX Secur …, 2024 - usenix.org
Microarchitectural side-channel attacks have shaken the foundations of modern processor
design. The cornerstone defense against these attacks has been to ensure that security …

SegScope: Probing fine-grained interrupts via architectural footprints

X Zhang, Z Zhang, Q Shen, W Wang… - … Symposium on High …, 2024 - ieeexplore.ieee.org
Interrupts are critical hardware resources for OS kernels to schedule processes. As they are
related to system activities, interrupts can be used to mount various side-channel attacks (i.e. …

SysBumps: Exploiting Speculative Execution in System Calls for Breaking KASLR in macOS for Apple Silicon

H Jang, T Kim, Y Shin - Proceedings of the 2024 on ACM SIGSAC …, 2024 - dl.acm.org
Apple silicon is the proprietary ARM-based processor that powers the mainstream of Apple
devices. The move to this proprietary architecture presents unique challenges in addressing …

KernelSnitch: Side-Channel Attacks on Kernel Data Structures

L Maar, J Juffinger, T Steinbauer… - … 2025: NDSS 2025, 2025 - graz.elsevierpure.com
The sharing of hardware elements, such as caches, is known to introduce microarchitectural
side-channel leakage. One approach to eliminate this leakage is to not share hardware …

The Illusion of Randomness: An Empirical Analysis of Address Space Layout Randomization Implementations

L Binosi, G Barzasi, M Carminati, S Zanero… - Proceedings of the 2024 …, 2024 - dl.acm.org
Address Space Layout Randomization (ASLR) is a crucial defense mechanism employed by
modern operating systems to mitigate exploitation by randomizing processes' memory …

Lightweight Fault Isolation: Practical, Efficient, and Secure Software Sandboxing

Z Yedidia - Proceedings of the 29th ACM International Conference …, 2024 - dl.acm.org
Software-based fault isolation (SFI) is a longstanding technique that allows isolation of one
or more processes from each other with minimal or no use of hardware protection …