Exploiting Out-of-Order Execution for Covert Cross-VM Communication

Black Hat USA 2015

Presented by: Sophia D'Antoine
Date: Thursday August 06, 2015
Time: 17:00 - 17:25
Location: South Seas ABE

This presentation will demonstrate a novel side channel exploiting CPU out-of-order-execution to enable covert cross-VM communication in cloud computing environments. Live demonstrations will show several applications of this side channel, including cross process or VM eavesdropping, malware command & control and environmental keying. The presentation will conclude with a brief analysis of detection and mitigation techniques for this attack.

Sophia D'Antoine

Sophia D'Antoine is a security researcher at Trail of Bits and a student at Rensselaer Polytechnic Institute. At RPI, her graduate research focuses on malicious applications of hardware side channels in virtualized environments. Through her involvement in RPISEC, she has taught security courses (Modern Binary Exploitation) and competed in CTFs.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats