Microarchitectural Attacks and Defenses (MAD)

A tutorial at ISCA 2022 on Sunday, June 19th, in New York City

Remote accessibility: While we hope to see you in person (we will be there!), we will have Zoom open, and all modules for the workshop (keynotes, hands-on, etc.) will be accessible over Zoom.

Please find the Zoom link in the Whova app.


About The Tutorial:

With the rise of cloud computing and internet services, microarchitectural attacks (i.e., microarchitectural side/covert channels, Spectre/Meltdown, Rowhammer) have emerged as a central threat to computer systems. These attacks exploit microarchitectural details to undermine program integrity/confidentiality and have enabled a menagerie of interesting (but unwanted!) capabilities, ranging from opening communication channels between otherwise isolated processes, to leaking attacker-selected bits of a program's secret data, to achieving privilege escalation in memory-safe code, and more.

The goal of the tutorial is to bring together researchers from industry and academia who want to learn about the state of the art in both microarchitectural attack and defense research. The tutorial will include three main components:

Theory: Breadth-Depth Talks and Discussion

A series of talks by the organizers covering basic to advanced concepts in microarchitectural attacks and defenses.

Practice: Covert Channel/Spectre "Hello World" Hands-on Hacking Session and Capture the Flag

The organizers will host a hands-on hacking session where participants will get access to working covert channel/Spectre code and be able to modify it and see the effects of those changes on channel bandwidth, etc. The tutorial will also feature a capture the flag session that will commence at tutorial end and run for the subsequent week (with prizes going to the winners!). So please bring a laptop!

"Hello world" is a notorious challenge for researchers new to side and covert channels. The goal of the hacking session is for participants to leave the tutorial with working code that they can build on in their research. We have tested this code and will provide AWS instances for the participants to see some covert-channel action in person.

Keynote speakers

We will have two keynote speakers give talks on the future of microarchitectural security and major open challenges.

Schedule and Slides (final as of 6/18/22):

Intended Audience & Prerequisite Knowledge:

The tutorial is targeted at people with backgrounds in Architecture/Systems/Compilers/PL who want to learn about the state of the art in microarchitectural attacks and (potentially) engage in related defensive/offensive research. No prior background in security is needed (beginners welcome), but we will cover advanced topics and try to spark discussion throughout the day (so, experts also welcome).

Program Overview:

The breadth-depth talks will cover a range of material, including but not limited to the following:

Basics/Crash Course in microarchitectural side and covert channels

If the audience does not have a background in side/covert channel research, they should be able to attend only this module and walk away with a working knowledge of how basic side channel attacks work.

Assumptions and Formal Definitions

The audience will understand what assumptions and formal definitions underpin side channel attacks. We will also cover relevant architecture background that will be used in later modules.

Non-Speculative Side Channel Attacks

The audience will gain a state-of-the-art understanding of the attacker’s toolkit, i.e., what the attacker will exploit at the algorithm level, what microarchitectural channels leak bits, and how signal post-processing techniques can amplify leakage.

Speculative (Transient) Covert Channel Attacks

The audience will learn about speculative (transient) execution attacks, from the basics to the state of the art, starting with Spectre/Meltdown/Foreshadow and generalizing to the different mechanisms needed to create an attack.

Rowhammer Attacks

The audience will learn about Rowhammer attacks, from the basics to the state of the art, including other related attacks such as RAMBleed.

Software-based Defenses

The audience will gain a state-of-the-art understanding of data-oblivious/constant-time programming, the circuit programming abstraction, and cryptographic blinding. This constitutes the toolkit developers and cryptographers use today to block side channels on commercially available machines.

Hardware-based Defenses

The audience will learn about a sampling of hardware proposals from the architecture community for blocking side channels and Rowhammer. The focus will be on holistic techniques that block broad classes of side channels/memory attacks with provable guarantees.

Organizers: