![]() |
![]() |
University of Birmingham > Talks@bham > Computer Security Seminars > Software Exploitation: Hardware is the New Black
Software Exploitation: Hardware is the New BlackAdd to your list(s) Download to your calendar using vCal
If you have a question about this talk, please contact Dr Garfield Benjamin. NB alternative day/room What would the world be like if software had no bugs? Software systems would be impenetrable and our data shielded from prying eyes? Not quite. In this lecture, I will present evidence that reliable attacks targeting even “perfect” software are a realistic threat. Such attacks exploit properties of modern hardware to completely subvert a system, even in absence of software or configuration bugs. To substantiate this claim, I will illustrate practical attacks in real-world systems settings, such as browsers, clouds, and mobile. The implications are worrisome. Even bug-free (say formally verified) software can be successfully targeted by a relatively low-effort attacker. Moreover, state-of-the-art security defenses, which have proven useful to raise the bar against traditional software exploitation techniques, are completely ineffective against such attacks. It is time to revisit our assumptions on realistic adversarial models and investigate defenses that consider threats in the entire hardware/software stack. Pandora’s box has been opened. Bio: Cristiano Giuffrida is an Assistant Professor in the Computer Science Department at Vrije Universiteit Amsterdam. His research interests are in the general area of systems security, with a focus on software and hardware vulnerabilities that concern the memory subsystem. He received a Ph.D. cum laude from Vrije Universiteit Amsterdam in 2014. He was awarded the Roger Needham Award at EuroSys for the best PhD thesis in Computer Systems in Europe and the Dennis M. Ritchie Award at SOSP for the best PhD thesis in Computer Systems worldwide in 2015. This talk is part of the Computer Security Seminars series. This talk is included in these lists:
Note that ex-directory lists are not shown. |
Other listsRSLC PhD/Postdoc Seminars (Chemistry) EPS - College Research and KT Support Activities Reading Group in Combinatorics and ProbabilityOther talksTBA Life : it’s out there, but what and why ? TBA Control variates for computing transport coefficients The tragic destiny of Mileva Marić Einstein Counting cycles in planar graphs |