Exploiting Out-of-Order Execution for Covert Cross-VM Communication

Presented at Black Hat USA 2015, Aug. 6, 2015, 5 p.m. (25 minutes).

This presentation will demonstrate a novel side channel exploiting CPU out-of-order-execution to enable covert cross-VM communication in cloud computing environments. Live demonstrations will show several applications of this side channel, including cross process or VM eavesdropping, malware command & control and environmental keying. The presentation will conclude with a brief analysis of detection and mitigation techniques for this attack.

Presenters:

  • Sophia d'Antoine - Trail of Bits   as Sophia D'Antoine
    Sophia D'Antoine is a security researcher at Trail of Bits and a student at Rensselaer Polytechnic Institute. At RPI, her graduate research focuses on malicious applications of hardware side channels in virtualized environments. Through her involvement in RPISEC, she has taught security courses (Modern Binary Exploitation) and competed in CTFs.

Links:

Similar Presentations: