Microarchitectural Attacks on modern CPUs
From cloud servers to IoT devices, modern CPUs provide a complex microarchitecture to ensure high performance while easing parallelization. Unrelated services often run in parallel on the same platform and share resources. At the logic level, sandboxing ensures isolation between services. However, isolation is not perfect, and side channels caused by the CPU's shared microarchitecture can result in unintended information leakage across processes and virtual machines. For instance, cache attacks that exploit access time variations when retrieving data from the cache or the memory are a powerful tool to extract information from a co-located process.
This talk provides an overview of how microarchitectural features of modern CPUs such as shared caches and speculative execution can be abused to circumvent isolation techniques. It will be shown how the resulting attacks can be applied to extract sensitive information from privileged processes and even across processor boundaries. Modern attack techniques such as cache attacks as well as the infamous Spectre and Meltdown attacks will be presented and discussed.