EdX

Between Physical and Sofware: Fault Attacks, Side Channels, and Mitigations (edX)

Offered by Graz University of Technology, TUGrazX,

Fault attacks (sometimes also called active side-channel attacks ) are a very powerful means that goes beyond just leaking secrets from an application or device, to actively manipulating it. We will look at fault attacks that can be triggered from software, namely Rowhammer and Plundervolt. We will also learn that some transient-execution attacks have some similarities to fault attacks. You will implement some of these attacks yourself and learn how they are mitigated.

Class Deals by MOOC List - Click here and see EdX's Active Discounts, Deals, and Promo Codes.

In this course, we build upon the knowledge we built up on cache side-channel attacks and transient-execution attacks, as well as the side-channel and security mindset. We again go beyond software-based side-channel attacks and now study software-based fault attacks. Fault attacks (sometimes also called active side-channel attacks ) are an incredibly powerful means to attack a system. Instead of just leaking secrets from an application or device, fault attacks actively manipulate the application or device to induce incorrect behavior which lets the attacker again leak secrets or fully take over control and subvert the application or device. We will look at fault attacks that can be triggered from software, namely Rowhammer and Plundervolt. We will then draw the connection between these attacks and transient-execution attacks that share some similarities. You will implement some of these attacks yourself and learn how they are mitigated.
This course is part of the Side Channel Security – Transient Execution and Fault Attacks Professional Certificate.

Prerequisites:
Knowledge and skills from the prerequisite courses Side Channel Security S3: Cache Side-Channel Attacks and Mitigations , Side Channel Security S4: Physical and Advanced Side-Channel Attacks , and Side Channel Security S5: Transient-Execution Attacks are strongly recommended.
We expect C and C++ programming skills on a similar level as in the prerequisite course. You may have obtained these as part of a university program such as computer science or a high school degree with a focus on computer science.

What you'll learn

Understand different methods to induce hardware faults from software on modern computers
Understand how these faulting mechanisms can undermine a system's security
Understand the security risks posed and how fault attacks can be mitigated

Syllabus

Episode 1: Sledge Hammer!

Attackers can fault hardware from software using Rowhammer.

Episode 2: Under Voltage

Plundervolt similarly can induce faults.

Episode 3: Load Value Inception

Injecting false values also works in the transient domain and without any physical fault.

Episode 4: Power Leakers

Software exposes power consumption interfaces, enabling leakage.

Episode 5: Hardware Leaks and Software Leaks

The page cache can be used for attacks similar to hardware caches.

Go to Class

MOOC List is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Related Courses

Cyber Security Basics: A Hands-on Approach (edX)

EdX

Universidad Carlos III de Madrid - UC3M,UC3Mx

Cyber Security Basics: A Hands-on Approach (edX)

Security & Networking

Learn how to think like a hacker, but behave as a security expert. Are you tired of hearing that your computer has a virus? Or that your email account has been hacked? Now, is the time for you to protect yourself by understanding the basics of cyber security.

Self Paced

Self-Paced

Security Malware Cybersecurity

Introduction to Software Side Channels and Mitigations (edX)

EdX

Graz University of Technology,TUGrazX

Introduction to Software Side Channels and Mitigations (edX)

Security & Networking

Side channels exist in the real world, but they also exist in computers and can be exploited directly from software. This is a substantial computer security problem today, that we need to learn about to be able to stop attacks. In this course, you will learn and practice basic software-based side channels and understand the thought process to utilize a side channel. You will then learn how to mitigate or avoid side channels in software.

Jun 7th 2022

5-12 Weeks

Security Mitigation Security Risks

Inclusive Energy Systems - Exploring Sustainable Energy for All (edX)

EdX

Delft University of Technology,DelftX

Inclusive Energy Systems - Exploring Sustainable Energy for All (edX)

Engineering Sci: Energy & Earth Sciences

Explore the impact of social and technological changes on the future provision of clean and affordable energy services. Learn how to navigate towards an inclusive energy system for all world citizens, while satisfying greenhouse gas emission reduction targets. The provision of sustainable energy services for all world citizens is a daunting challenge. Issues of energy poverty and energy injustice are encountered in all societies.

No sessions available

5-12 Weeks

Energy Security Sustainable Energy

Basic Network and Database Security (edX)

EdX

IBM

Basic Network and Database Security (edX)

Security & Networking

Build a background needed to understand basic network security and learn how to safeguard your organization from cybersecurity attacks. In addition to network security, you will learn about different types of data including personal sensitive data and safeguarding your organization from a data breach.

Self Paced

Self-Paced

Security Databases Networks

Introduction to Web Authentication (edX)

EdX

World Wide Web Consortium - W3C,W3Cx

Introduction to Web Authentication (edX)

Security & Networking

Web developers dig deep into modern Web Authentication to secure access to resources and applications. This course introduces developers to the W3C’s Web Authentication (WebAuthn) API, which provides the tools to replace usernames and passwords in favor of hardware-backed, cryptographically secure authentication.

Nov 30th 2021

3 Weeks

Security Authentication Web Authentication

Cybersecurity Roles and Operating System Security (edX)

EdX

IBM

Cybersecurity Roles and Operating System Security (edX)

Security & Networking

This course gives you the background needed to understand basic Cybersecurity around people. process and technology. No matter if you are new to the cybersecurity field or are looking to change careers, this course will help you understand the roles of system security professionals available within an organization from the chief information security officier (CISO) to security analysts.

Self Paced

Self-Paced

Security Operating Systems Windows

EdX

Western Governors University,WGUx

Network and Security Foundations (edX)

Security & Networking

This course introduces the components of a computer network and the concept and role of communication protocols. The course covers widely used categorical classifications of networks, as well as network topologies, physical devices, and layered abstraction. The course also introduces basic concepts of security, covering vulnerabilities of networks and mitigation techniques, security of physical media, and security policies and procedures.

Self Paced

Self-Paced

Security Networks LAN

Software Defined Networking (SDN) Access Security (edX)

EdX

Curtin University,CurtinX

Software Defined Networking (SDN) Access Security (edX)

CS: Software Engineering Engineering

Discover how Software Defined Networking (SDN) can handle security and privacy issues for modern enterprise and data centre networks. The aim of this course is to equip learners with advanced skills in the fields of security and cybersecurity and make you industry ready. You will learn about SDN Access Security. We will begin with the core security and privacy issues relevant to conventional IP networking, and explain how SDN can handle security and privacy issues for modern enterprise and data centre networks.

Self Paced

Self-Paced

Security SDN Cybersecurity

EdX

AWS

AWS Cloud Practitioner Essentials (edX)

Business Computer Science

Jumpstart your journey within the AWS Cloud! Whether you are new to the cloud or familiar with cloud technologies this course will introduce you to cloud concepts and core AWS services, security and architecture to advance your cloud knowledge and solve business challenges.

Self Paced

Self-Paced

Cloud Security Architecture

EdX

Caltech,Delft University of Technology

Quantum Cryptography (edX)

Security & Networking

Learn how quantum communication provides security that is guaranteed by the laws of nature. How can you tell a secret when everyone is able to listen in? In this course, you will learn how to use quantum effects, such as quantum entanglement and uncertainty, to implement cryptographic tasks with levels of security that are impossible to achieve classically.

No sessions available

5-12 Weeks

Security Quantum Protocols Quantum Cryptography

EdX

University System of Maryland - USM,USMx,University of Maryland Global Campus - UMGC,UMGC

Cloud Computing Security (edX)

Security & Networking

Learn how to identify security issues in the cloud and industry-standard techniques and procedures to prevent and mitigate risks. How do you protect the critical data that is increasingly being stored in the cloud? Learn how to build a security strategy that keeps data safe and mitigates risk.

Mar 21st 2024

5-12 Weeks

Security Cloud Computing Cloud Infrastructures

EdX

University of Washington,UWashingtonX

Introduction to Cybersecurity (edX)

Security & Networking

An introduction to cybersecurity, ideal for learners who are curious about the world of Internet security and who want to be literate in the field. This course serves as an introduction to the exciting field of cybersecurity. As our daily lives become more and more dependent on Internet-based tools and services, and as those platforms accumulate more of our most sensitive data, the demand grows for experts in the field of cybersecurity.

Self Paced

Self-Paced

Security Cybersecurity Internet Security