Preventing CPU Side-channel Attacks with Kernel Tracking
Updating microcode and losing performance, because of that update is a big concern for everyone. So Marian will show his team's work on how they decided to fight the attacks and what their solution gi …
| Talk Title | Preventing CPU Side-channel Attacks with Kernel Tracking |
| Speakers | Marian Marinov (Head of Operations, SiteGround) |
| Conference | Open Source Summit + ELC Europe |
| Conf Tag | |
| Location | Edinburgh, UK |
| Date | Oct 21-25, 2018 |
| URL | Talk Page |
| Slides | Talk Slides Talk Slides |
| Video | |
Updating microcode and losing performance, because of that update is a big concern for everyone. So Marian will show his team’s work on how they decided to fight the attacks and what their solution gives and what it lacks.The team’s point is that there is no valid case for a child program or thread to keep dying and this is what is primary technique for executing cache side-channel attacks.So monitoring dying processes allows for marking processes that try to attack us.Marian will provide examples and demo of their prevention mechanism.He will also share the team’s work on how they have used TSX instruction statistics to check for TSX based cache side-channel attacks.As a side effect, this protection mechanism can help mitigate(somewhat) all attacks that use this kind of attack vector.
