Microarchitectural Side-Channel Attacks: Security Implications and Techniques

This lecture discusses microarchitectural side-channel attacks, which exploit vulnerabilities in processor architectures to compromise security. It begins by addressing the need for hardware security due to the complexity of operating systems and hypervisors, which can harbor bugs that undermine trust. The instructor outlines various types of attacks, including Rowhammer, covert channels, and timing side-channel attacks, explaining how they can breach confidentiality and integrity. The lecture also covers classic security properties such as confidentiality, integrity, and availability, emphasizing the importance of isolation between processes. The Rowhammer attack is detailed, showcasing how it can manipulate memory integrity by flipping bits in DRAM. The discussion extends to cache side-channel attacks, where attackers can infer sensitive information based on cache access patterns. The lecture concludes with an overview of combined attacks like Meltdown and Spectre, highlighting their implications for modern computing systems and the challenges in mitigating these vulnerabilities effectively.