Ge, Q., Yarom, Y., Cock, D., and Heiser, G. A survey of microarchitectural timing attacks and countermeasures on contemporary hardware. JCEN 8, 1 (2018).

Crossref

Google Scholar

[6]

Gruss, D., Lipp, M., Schwarz, M., Fellner, R., Maurice, C., and Mangard, S. KASLR is Dead: Long Live KASLR. In Proceedings of Intern. 2017 Symposium on Engineering Secure Software and Systems. Springer, 161--176.

Google Scholar

[7]

Gruss, D., Maurice, C., Fogh, A., Lipp, M., and Mangard, S. Prefetch side-channel attacks: Bypassing SMAP and Kernel ASLR. In Proceedings of 2016 CCS.

Google Scholar

[8]

Gruss, D., Maurice, C., Wagner, K., and Mangard, S. Flush + Flush: A fast and stealthy cache attack. In Proceedings of DIMVA, 2016.

Digital Library

Google Scholar

[9]

Gruss, D., Spreitzer, R., and Mangard, S. Cache template attacks: Automating attacks on inclusive last-level caches. In Proceedings of USENIX Security Symposium, 2015.

Google Scholar

[10]

Hennessy, J.L., and Patterson, D.A. Computer Architecture: A Quantitative Approach, 5^th Ed. Morgan Kaufmann, San Francisco, CA, USA, 2011.

Digital Library

Google Scholar

[11]

Hund, R., Willems, C., and Holz, T. Practical timing side channel attacks against kernel space ASLR. S&P (2013).

Digital Library

Google Scholar

[12]

IDRIX. VeraCrypt; https://veracrypt.fr 2018.

Google Scholar

[13]

Intel. An introduction to the intel quickpath interconnect, Jan 2009.

Google Scholar

[14]

Intel. Rogue system register read, 2018; https://software.intel.com/security-software-guidance/software-guidance/

Google Scholar

[15]

Jang, Y., Lee, S., and Kim, T. Breaking kernel address space layout randomization with Intel TSX. In Proceedings of 2016 CCS.

Google Scholar

[16]

Kiriansky, V., and Waldspurger, C. Speculative buffer overflows: Attacks and defenses., 2018; arXiv 1807.03757.

Google Scholar

[17]

Kocher, P. et al. Spectre attacks: Exploiting speculative execution. S&P (2019).

Google Scholar

[18]

Miller, M. Speculative store bypass, https://blogs.technet.microsoft.com/srd/2018/05/21/analysis-and-mitigation-of-speculative-store-bypass/

Google Scholar

[19]

Osvik, D.A., Shamir, A. and Tromer, E. Cache attacks and countermeasures: The case of AES. In Proceedings of 2006 CT-RSA.

Google Scholar

[20]

Phoronix. Linux 4.12 To Enable KASLR By Default; http://bit.ly/2FVuoXz

Google Scholar

[21]

Schwarz, M. et al. ZombieLoad: Cross-privilege-boundary data sampling. In Proceedings of 2019 CCS.

Google Scholar

[22]

Schwarz, M., Schwarzl, M., Lipp, M., Masters, J., and Gruss, D. NetSpectre: Read arbitrary memory over network. In Proceedings of ESORICS, 2019.

Digital Library

Google Scholar

[23]

Sorin, D.J., Hill, M.D., and Wood, D.A. A Primer on Memory Consistency and Cache Coherence. 2011.

Digital Library

Google Scholar

[24]

Stecklina, J., and Prescher, T. LazyFP: Leaking FPU register state using microarchitectural side-channels, 2018; arXiv 1806.07480.

Google Scholar

[25]

Van Bulck, J. et al. Foreshadow: Extracting the keys to the Intel SGX kingdom with transient out-of-order execution. USENIX Sec. (Aug. 2018).

Google Scholar

[26]

van Schaik, S., Milburn, A., Österlund, S., Frigo, P., Maisuradze, G., Razavi, K., Bos, H., and Giuffrida, C. RIDL: Rogue in-night data load. S&P (May 2019).

Google Scholar

[27]

Weisse, O. et al. Foreshadow-NG: Breaking the virtual memory abstraction with transient out-of-order execution; https://foreshadowattack.eu/foreshadow-NG.pdf 2018.

Google Scholar

[28]

Yarom, Y., and Falkner, K. Flush + Reload: A high resolution, low noise, L3 cache side-channel attack. In Proceedings of USENIX Security Symposium, 2014.

Google Scholar

[29]

Zhang, Y., Juels, A., Reiter, M.K., and Ristenpart, T. Cross-tenant side-channel attacks in PaaS clouds. In Proceedings of 2014 CCS.

Google Scholar

Cited By

View all

Joshi KGupta AGonz´lez JKumar AReddy KGeorge ALund SAxboe JMa XWon Y(2024)I/O PassthruProceedings of the 22nd USENIX Conference on File and Storage Technologies10.5555/3650697.3650704(107-122)Online publication date: 27-Feb-2024
https://dl.acm.org/doi/10.5555/3650697.3650704
Agredo CLangehaug TGraham S(2024)Inferring TLB Configuration with Performance ToolsJournal of Cybersecurity and Privacy10.3390/jcp40400444:4(951-971)Online publication date: 12-Nov-2024
https://doi.org/10.3390/jcp4040044
Krausz MThoma JStolz FFyrbiak MGüneysu T(2024)Three Sidekicks to Support Spectre Countermeasures2024 Design, Automation & Test in Europe Conference & Exhibition (DATE)10.23919/DATE58400.2024.10546575(1-6)Online publication date: 25-Mar-2024
https://doi.org/10.23919/DATE58400.2024.10546575
Show More Cited By

Index Terms

Meltdown: reading kernel memory from user space
1. Security and privacy
  1. Security in hardware
    1. Hardware attacks and countermeasures
      1. Side-channel analysis and countermeasures
  2. Systems security
    1. Operating systems security

Recommendations

Post-financial meltdown: What do the services industries need from us now?

In 2008 the global economy was rocked by a crisis that began on Wall Street, but quickly spread to Main Street U.S.A., and then to side streets around the world. Statisticians working in the service sector are not immune, with many concerned about ...
Analyzing Entrepreneurship: Analyzing the Motivation, True Grit, and The Hustle of a Successful Entrepreneur
Make more, worry less: secrets from 18 extraordinary people who created a bigger income and a better life

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

Communications of the ACM Volume 63, Issue 6

June 2020

89 pages

ISSN:0001-0782

EISSN:1557-7317

DOI:10.1145/3402158

Editor:
Andrew A. Chien
Association for Computing Machinery, New York, NY

Issue’s Table of Contents

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 22 May 2020

Published in CACM Volume 63, Issue 6

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Research-article
Popular
Refereed

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

130
Total Citations
View Citations
13,671
Total Downloads

Downloads (Last 12 months)1,769
Downloads (Last 6 weeks)317

Reflects downloads up to 21 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Joshi KGupta AGonz´lez JKumar AReddy KGeorge ALund SAxboe JMa XWon Y(2024)I/O PassthruProceedings of the 22nd USENIX Conference on File and Storage Technologies10.5555/3650697.3650704(107-122)Online publication date: 27-Feb-2024
https://dl.acm.org/doi/10.5555/3650697.3650704
Agredo CLangehaug TGraham S(2024)Inferring TLB Configuration with Performance ToolsJournal of Cybersecurity and Privacy10.3390/jcp40400444:4(951-971)Online publication date: 12-Nov-2024
https://doi.org/10.3390/jcp4040044
Krausz MThoma JStolz FFyrbiak MGüneysu T(2024)Three Sidekicks to Support Spectre Countermeasures2024 Design, Automation & Test in Europe Conference & Exhibition (DATE)10.23919/DATE58400.2024.10546575(1-6)Online publication date: 25-Mar-2024
https://doi.org/10.23919/DATE58400.2024.10546575
AL-Zu'bi MWeissenbacher G(2024)Statistical Profiling of Micro-Architectural Traces and Machine Learning for Spectre Detection: A Systematic Evaluation2024 Design, Automation & Test in Europe Conference & Exhibition (DATE)10.23919/DATE58400.2024.10546539(1-6)Online publication date: 25-Mar-2024
https://doi.org/10.23919/DATE58400.2024.10546539
Gerhorst LHerzog HWägemann POtt MKapitza RHönig T(2024)VeriFence: Lightweight and Precise Spectre Defenses for Untrusted Linux Kernel ExtensionsProceedings of the 27th International Symposium on Research in Attacks, Intrusions and Defenses10.1145/3678890.3678907(644-659)Online publication date: 30-Sep-2024
https://dl.acm.org/doi/10.1145/3678890.3678907
Cheng POzga WValdez EAhmed SGu ZJamjoom HFranke HBottomley J(2024)Intel TDX Demystified: A Top-Down ApproachACM Computing Surveys10.1145/365259756:9(1-33)Online publication date: 14-Mar-2024
https://dl.acm.org/doi/10.1145/3652597
Han XZhang J(2024)Behavior-based dynamic trusted measurement schemeThird International Conference on Electronic Information Engineering, Big Data, and Computer Technology (EIBDCT 2024)10.1117/12.3031239(228)Online publication date: 19-Jul-2024
https://doi.org/10.1117/12.3031239
Clark TMcDonald JAndel TBaggett BMullens T(2024)A Taxonomy of Side-ChannelsSoutheastCon 202410.1109/SoutheastCon52093.2024.10500257(1564-1570)Online publication date: 15-Mar-2024
https://doi.org/10.1109/SoutheastCon52093.2024.10500257
Haq MNguyen TTosun AVollmer FKorkmaz TSadeghi A(2024)SoK: A Comprehensive Analysis and Evaluation of Docker Container Attack and Defense Mechanisms2024 IEEE Symposium on Security and Privacy (SP)10.1109/SP54263.2024.00268(4573-4590)Online publication date: 19-May-2024
https://doi.org/10.1109/SP54263.2024.00268
EdalatNejad KLueks WSukaitis JNarbel VMarelli MTroncoso C(2024)Janus: Safe Biometric Deduplication for Humanitarian Aid Distribution2024 IEEE Symposium on Security and Privacy (SP)10.1109/SP54263.2024.00116(655-672)Online publication date: 19-May-2024
https://doi.org/10.1109/SP54263.2024.00116
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Digital Edition

View this article in digital edition.

Digital Edition

Magazine Site

View this article on the magazine site (external)

Magazine Site

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Abstract

References

Cited By

Index Terms

Recommendations

Post-financial meltdown: What do the services industries need from us now?

Analyzing Entrepreneurship: Analyzing the Motivation, True Grit, and The Hustle of a Successful Entrepreneur

Make more, worry less: secrets from 18 extraordinary people who created a bigger income and a better life

Comments

Information

Published In

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

PDF

eReader

Digital Edition

Magazine Site

Login options

Full Access

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations