Coopération

Séminaires


< retour aux séminaires

Maria MUSHTAQ - Postdoctoral researcher, CNRS, LIRMM, ADAC Group, Université de Montpellier, France

Theme: Side-Channel Attacks, Detection and Mitigation: An Understanding to Microarchitectural Security
Date: December 3rd, 2020 - 10:00 - 12:00, Internal videoconference

Biography

Maria MUSHTAQ received her PhD in Information Security from the University of South Brittany (UBS), France, in 2019. She was awarded the French regional scholarship for her PhD. Currently, she is working as a CNRS Postdoctoral Researcher at LIRMM, University of Montpellier (UM), France under “excellence post-doc grant”. She possess expertise in microarchitectural vulnerability assessment and design & development of runtime mitigation solutions against side-and covert-channel information leakage in modern computing systems. Her research interests mainly focus on cryptanalysis, constructing and validating software security components, and constructing OS-based security primitives against various hardware vulnerabilities. She is currently involved in various national and international projects and has co-authored several peer-reviewed publications in international conferences and journals. She holds Masters and Bachelor's degrees in Computer Science.
http://d2kab.fr/users/utilisateurs-lirmm/maria-mushtaq

Abstract

Access-driven Cache Side-Channel Attacks (CSCAs) are strong cryptanalysis techniques that break cryptographic algorithms by targeting their implementations. Most of the existing mitigation approaches against CSCAs heavily compromise performance benefits. Therefore, to find a security vs performance trade-off, we argue in favor of need-based protection in this presentation, which will allow the operating system to apply mitigation only after successful detection of CSCAs. Thus, detection can serve as a first line of defense against such attacks. This presentation introduces a novel OS-level runtime detection-based mitigation mechanism, against CSCAs in general-purpose operating systems. The proposed mechanism enhances the security and privacy capabilities of Linux as a proof of concept, which can be widely used in commodity systems without any hardware modifications. The detection-based mitigation mechanism is also able to work on recently reported computational attacks like Spectre and Meltdown, which exploit the residual micro-architectural cache states that are left after speculative execution.