Add to ORKGLarge-scale attacks on networked computers are typi-cally used to create zombie armies for propagating spam or launching DDoS attacks. But they can also be used to harvest immense computing power for use in running nuclear simulations or cryptanalysis attempts. We show that all major operating systems today (possibly except Mac OS X) are vulnerable to such attacks, due to a com-bination of how they account for CPU usage and how they prioritize competing processes. Specifically, we de-tail a “cheat ” attack, by which a non-privileged process can hijack a large percentage of the CPU cycles. More-over, in at least some of the systems, listing the active processes will erroneously show that the cheating pro-cess is not using any CPU resources a...
© 2018 Copyright held by the owner/author(s). Recent research on transient execution vulnerabilities...
Recent developments on hardware-based trusted execution environments, such as the Software Guard Ext...
We present a kernel-level infrastructure that allows system-wide detection of malicious applications...
Run-time attacks have plagued computer systems for more than three decades, with control-flow hijack...
How operating systems have responded CPU vulnerabilities like Spectre and Meltdown that attack the f...
Multi-processor systems are becoming the de-facto standard across different computing domains, rangi...
Over the past decades, the major objectives of computer design have been to improve performance and ...
Software vulnerabilities widely exist among various software from operating system kernel to web bro...
The pursuit of secure computation has always featured a tension between performance and security. Se...
In this paper, we study stealthy false-data attacks that exploit the vulnerabilities of power budget...
Shared microarchitectural state is a target for side-channel attacks that leverage timing measuremen...
The Meltdown and spectre holes are two security deficiencies which can provide access to personal da...
International audienceTypical SOC designs use processors and therefore, trust in such processor core...
In this paper, we show that stress-tests can be potentially used as power-noise viruses in denial-of...
Computer systems are often analyzed as purely virtual artifacts, a collection of software operating ...
© 2018 Copyright held by the owner/author(s). Recent research on transient execution vulnerabilities...
Recent developments on hardware-based trusted execution environments, such as the Software Guard Ext...
We present a kernel-level infrastructure that allows system-wide detection of malicious applications...
Run-time attacks have plagued computer systems for more than three decades, with control-flow hijack...
How operating systems have responded CPU vulnerabilities like Spectre and Meltdown that attack the f...
Multi-processor systems are becoming the de-facto standard across different computing domains, rangi...
Over the past decades, the major objectives of computer design have been to improve performance and ...
Software vulnerabilities widely exist among various software from operating system kernel to web bro...
The pursuit of secure computation has always featured a tension between performance and security. Se...
In this paper, we study stealthy false-data attacks that exploit the vulnerabilities of power budget...
Shared microarchitectural state is a target for side-channel attacks that leverage timing measuremen...
The Meltdown and spectre holes are two security deficiencies which can provide access to personal da...
International audienceTypical SOC designs use processors and therefore, trust in such processor core...
In this paper, we show that stress-tests can be potentially used as power-noise viruses in denial-of...
Computer systems are often analyzed as purely virtual artifacts, a collection of software operating ...
© 2018 Copyright held by the owner/author(s). Recent research on transient execution vulnerabilities...
Recent developments on hardware-based trusted execution environments, such as the Software Guard Ext...
We present a kernel-level infrastructure that allows system-wide detection of malicious applications...