*********************************
There is now a CONTENT FREEZE for Mercury while we switch to a new platform. It began on Friday, March 10 at 6pm and will end on Wednesday, March 15 at noon. No new content can be created during this time, but all material in the system as of the beginning of the freeze will be migrated to the new platform, including users and groups. Functionally the new site is identical to the old one. webteam@gatech.edu
*********************************
Tess Malone, Communications Officer
Summary Sentence: Software Side Channels
Full Summary: No summary paragraph submitted.
Tegan BrennanTITLE: Software Side Channels
ABSTRACT:
Side channels in software are a class of information leaks where non-functional side effects of software systems (such as execution time, memory usage, or power consumption) can leak information about sensitive data. In this talk, I present my research on a new class of side-channel vulnerabilities: JIT-induced side channels. In contrast to side channels introduced at the source code level, JIT-induced side channels arise at runtime due to the behavior of just-in-time (JIT) compilation. I show the existence of this class of side channels across multiple runtimes, and I demonstrate JIT-induced timing channels in large, open source projects large enough in magnitude to be detected over the public internet. I also present an automated approach to inducing this type of side channel in programs. In evaluating my automated technique, I show that programs classified as side-channel free by four state-of-the-art side channel analysis tools are, in fact, vulnerable to JIT-induced side channels. Finally, I discuss my contributions towards scalable quantification of side-channel vulnerabilities through a caching framework for model-counting queries.
BIO:
Tegan Brennan is a Ph.D. candidate in computer science at the University of California, Santa Barbara. Her research is in software engineering, formal verification, and computer security. She has worked extensively on side-channel vulnerabilities in software. Brennan is a recipient of an IGERT Fellowship in Network Science, an NCWIT Collegiate Award Honorable Mention in 2018, and an invited participant of the 2019 Rising Stars workshop. She has also interned twice with Amazon’s Automated Reasoning Group.
