Side-Channels Attacks & Defenses - Module Descriptions of the CS department

Cybersecurity BSc (English)

Index

- Mathematics for Computer Scientists 1
- Mathematics for Computer Scientists 2
- Elements of Machine Learning
- Fundamentals of Data Structures and Algorithms
- Introduction to Theoretical Computer Science
- Programming 1
- Programming 2
- Statistics Lab
- System Architecture
- Practical Training: Cybersecurity Lab
- Software Engineering Lab
- Cryptography
- Foundations of Cybersecurity 1
- Foundations of Cybersecurity 2
- Proseminar
- Seminar
- Advanced Public Key Cryptography
- Algorithms in Cryptanalysis
- Foundations of Web Security
- Generating Software Tests
- Machine Learning in Cybersecurity
- Mobile Security
- Obfuscation
- Parameterized Verification
- Physical-Layer Security
- Privacy Enhancing Technologies
- Reactive Synthesis
- Secure Web Development
- Side-Channels Attacks & Defenses
- Usable Security and Privacy
- Automated Debugging
- Big Data Engineering
- Concurrent Programming
- Elements of Statistical Learning
- Ethics for Nerds
- Recht der Cybersicherheit – Datenschutzrechtliche Aspekte
- Recht der Cybersicherheit – Strafrechtliche Aspekte
- Topics in Algorithmic Data Analysis
- Bachelor's Seminar
- Bachelor's Thesis

Side-Channels Attacks & Defenses SCAD

General

study semester: 5-6
standard study semester: 6
cycle: occasional
duration: 1 semester
SWS: 4
ECTS: 6
teaching language: English

People

responsible: Dr. Michael Schwarz
lectures: Dr. Michael Schwarz

Assessment & Grades

entrance requirements: A background in the basics of operating systems and in programming C is recommended
assessment / exams: project and written exam
grade: Will be determined from performance in exams, exercises, and practical tasks. The exact modalities will be announced at the beginning of the module.

Workload

course type /weekly hours

  2 h lectures
+ 2 h tutorial
= 4 h (weekly)

total workload

   60 h of classes
+ 120 h private study
= 180 h (= 6 ECTS)

Aims / Competences to be developed

Students will acquire both a theoretical and practical understanding of microarchitectural attacks, such as side-channel attacks, transient-execution attacks, and software-based fault attacks. The students will understand the attack surface for these types of attacks and learn how such attacks can be mitigated on the hardware, operating system, and software layer. Moreover, students will acquire a more in-depth understanding of how modern CPUs work internally.

The lectures are accompanied by exercises to apply the theoretical concepts in a practical setting and get hands-on experiences with side-channel attacks and their mitigations.

Content

Basic introduction to the CPU microarchitecture and side channels
Software-based side-channel attacks (e.g., cache attacks, timing attacks)
Trusted execution environments and their attack surface (e.g., controlled-channel attacks)
Transient execution attacks (e.g., Meltdown, Spectre, ZombieLoad)
Software-based fault attacks (e.g., Rowhammer, Plundervolt)
Overview of various other types of side channels
Mitigation strategies in software and hardware

Literature & Reading

The teaching material will be in English and it will be announced at the beginning of the lecture.

Additional Information

Curriculum

This module is part of the following study programmes:

Cybersecurity MSc: Vertiefungsvorlesungen Cybersecurity
study semester: 1-3 / standard study semester: 4

Cybersecurity BSc (English): Kernthemen der Cybersicherheit
study semester: 5-6 / standard study semester: 6

Cybersicherheit BSc: Vertiefungsvorlesungen der Cybersicherheit
study semester: 5-6 / standard study semester: 6

italic		italic
bold		bold
_underlined_		underlined
~~striked~~		~~striked~~

* item1 * item2 * item3		item1 item2 item3
1. item1 1. item2 1. item3		item1 item2 item3

italic		italic
bold		bold
_underlined_		underlined
~~striked~~		~~striked~~

* item1 * item2 * item3		item1 item2 item3
1. item1 1. item2 1. item3		item1 item2 item3

italic		italic
bold		bold
_underlined_		underlined
~~striked~~		~~striked~~

Cybersecurity BSc (English)

Grundlagen der Mathematik

Grundlagen der Informatik

Praktika

Spezialisierter Bereich Cybersicherheit

Seminare Cybersecurity

Kernthemen der Cybersicherheit

Komplementäre Themen der Cybersicherheit

Bachelor-Seminar und -Arbeit